path: root/crypto/evp
Commit message | Author | Age | Files | Lines
* Fixed TLS1.3 handshake issue for legacy engine API. | Yuan, Shuai | 2023-05-11 | 1 | -0/+4
  Signed-off-by: Yuan, Shuai <shuai.yuan@intel.com>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/20922)
* param->ctrl translation: Fix evp_pkey_ctx_setget_params_to_ctrl() | Richard Levitte | 2023-05-01 | 1 | -0/+1
  Ensure that ctx.ctrl_cmd defaults to translation->cmd_num
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Todd Short <todd.short@me.com>
  (Merged from https://github.com/openssl/openssl/pull/20780)
* param->ctrl translation: Fix fix_ec_paramgen_curve_nid() | Richard Levitte | 2023-05-01 | 1 | -1/+14
  This function didn't prepare space to get the param string, which causes the default_fixup_args() call to fail.
  Fixes #20161
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Todd Short <todd.short@me.com>
  (Merged from https://github.com/openssl/openssl/pull/20780)
* pbe: sort stack before using find | Pauli | 2023-05-01 | 1 | -0/+2
  There is no lock for the sort. This is no worse than the existing code which sorted silently without a lock.
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Todd Short <todd.short@me.com>
  (Merged from https://github.com/openssl/openssl/pull/20842)
* Erase temporary buffer in EVP_PKEY_get_bn_param() | Anatolii Lishchynskyi | 2023-04-04 | 1 | -1/+8
  Function EVP_PKEY_get_bn_param() uses temporary buffer (on stack or heap allocated) to store serialized bignum, but after deserializing it into BIGNUM*, the buffer is not erased and may contain sensitive data.
  This change makes sure the buffer is erased if it was successfully filled before. Unfortunately, it does not distinguish between public and private key components, and will always erase the buffer.
  Reviewed-by: Paul Dale <pauli@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/20639)
* Avoid calling into provider with the same iv_len or key_len | Tomas Mraz | 2023-04-03 | 1 | -0/+8
  Fixes #20625
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/20664)
* Incorrect null pointer check | afshinpir | 2023-03-31 | 1 | -1/+1
  CLA: trivial
  There is an incorrect null pointer check and this commit resolves it.
  Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  Reviewed-by: Todd Short <todd.short@me.com>
  (Merged from https://github.com/openssl/openssl/pull/20646)
* Coverity 1524597: null pointer dereference | Pauli | 2023-03-30 | 1 | -7/+11
  Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
  Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/20629)
* `EVP_PKEY_CTX_dup` segmentation fault fix | afshinpir | 2023-03-27 | 1 | -8/+20
  CLA: trivial
  In the provider, context duplication method for signature, key exchange, asymmetric cipher, and key encapsulation is optional. But if they are missing, we will get a segmentation fault in `EVP_PKEY_CTX_dup` because they are called without null pointer checking.
  Reviewed-by: Paul Dale <pauli@openssl.org>
  Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/20581)
* translation: EC legacy keys, handle OSSL_PKEY_PARAM_EC_PUB_X,Y requests | Jorge Ramirez-Ortiz | 2023-03-27 | 1 | -0/+60
  Required by tpm2-tss to load legacy EC keys using the OpenSSL engine.
  Fixes: https://github.com/tpm2-software/tpm2-tss/issues/2581
  Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
  Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/20535)
* Add a flag so finalised contexts are not reused | Simo Sorce | 2023-03-15 | 2 | -9/+74
  The EVP layer should not rely on the underlying low level code to handle catching incorrect reuse of contexts. Add a flag to mark a context as finalised as needed and then catch and immediately error on Update/Final operations if called improperly.
  Signed-off-by: Simo Sorce <simo@redhat.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
  (Merged from https://github.com/openssl/openssl/pull/20375)
* Do not fail if ctx dup does not succeed | Simo Sorce | 2023-03-15 | 3 | -20/+21
  If the ctx was *really* needed we'll probably fail later with an error anyway, so no point in failing immediately.
  Document that this behavior is dependent on the provider used to implement the signature/verification.
  Signed-off-by: Simo Sorce <simo@redhat.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
  (Merged from https://github.com/openssl/openssl/pull/20375)
* Add missing assignment to EVP_get_digestbynid() | ndossche | 2023-03-15 | 1 | -1/+1
  The assignment of the result of EVP_get_digestbynid() did not happen which made the fallback not actually perform the fallback.
  CLA: trivial
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/20447)
* Improve the performance of EVP_PKCS82PKEY_ex | Matt Caswell | 2023-03-06 | 1 | -1/+22
  We can easily find out the keytype which should significantly improve the performance of this function because we don't have to try every loaded decoder.
  Partial fix for #20399
  Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/20412)
* Fix cast. | Pauli | 2023-03-06 | 1 | -1/+1
  Fixes #20424
  Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/20425)
* Add OSSL_FUNC_keymgmt_im/export_types function that gets the provider context | Ingo Franzki | 2023-02-24 | 2 | -2/+33
  The provider functions OSSL_FUNC_keymgmt_import_types() and OSSL_FUNC_keymgmt_export_types() do not get the provider context passed. This makes it difficult for providers to implement these functions unless it's a static implementation returning a truly constant OSSL_PARAM array.
  Some providers may have a need to return an OSSL_PARAM array that is dependent on the provider configuration, or anything else that is contained in its provider context.
  Add extended variants of these functions that get the provider context passed. The functions should still return a static and constant OSSL_PARAM array, but may use the provider context to select the array to return dependent on its context. The returned array must be constant at least until the provider is unloaded.
  Providers can implement only the original functions, or only the extended functions, or both. Implementing at least one of those functions is required if also the respective OSSL_FUNC_keymgmt_import() or OSSL_FUNC_keymgmt_export() function is implemented.
  If an extended function is available, it is called by evp_keymgmt_import_types() or evp_keymgmt_export_types(), otherwise the original function is called.
  This makes the code backward compatible. Existing providers will only implement the original functions, so these functions will continue to be called. Newer providers can choose to implement the extended functions, and thus can benefit from the provider context being passed to the implementation.
  Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
  Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/20255)
* Fix potential NULL pointer dereference in function evp_pkey_asn1_ctrl | zhailiangliang | 2023-02-23 | 1 | -2/+8
  CLA: trivial
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/20294)
* Fix error check on default_check() helper function | ndossche | 2023-02-08 | 1 | -1/+1
  default_check() can return a zero value to indicate an internal error in one condition for the PRE_CTRL_STR_TO_PARAMS state. This state can be reached from the default_fixup_args() function which does not check for a zero value. All other callers of default_check() in that file do check for a zero return value. Fix it by changing the check to <= 0.
  CLA: trivial
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/20175)
* Fix incomplete checks for EVP_CIPHER_asn1_to_param | Niels Dossche | 2023-01-25 | 2 | -2/+2
  EVP_CIPHER_asn1_to_param() returns a value <= 0 in case of an error, and a value greater than 0 in case of success. Two callsites only check for < 0 instead of <= 0. The other callsites perform this check correctly. Change the two callsites to <= 0. Additionally correctly handle a zero return value from EVP_CIPHER_get_asn1_iv as success.
  Fixes: #20116
  CLA: trivial
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/201213)
* Fix BIO_f_cipher() flushing | Matt Caswell | 2022-12-22 | 1 | -1/+8
  If an error occurs during a flush on a BIO_f_cipher() then in some cases we could get into an infinite loop. We add a check to make sure we are making progress during flush and exit if not.
  This issue was reported by Octavio Galland who also demonstrated an infinite loop in CMS encryption as a result of this bug.
  The security team has assessed this issue as not a CVE. This occurs on *encryption* only which is typically processing trusted data. We are not aware of a way to trigger this with untrusted data.
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/19918)
* Refine the documents of several APIs | Peiwei Hu | 2022-12-16 | 1 | -2/+2
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/19816)
* rsa: Add option to disable implicit rejection | Hubert Kario | 2022-12-12 | 1 | -0/+6
  Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/13817)
* Add SM2 support for EVP_PKEY_Q_keygen | Jiaxun Yang | 2022-11-24 | 1 | -1/+2
  There is no reason preventing this API to support SM2, which gives us a simple method to do SM2 key gen.
  CLA: trivial
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/19736)
* Propagate selection all the way on key export | Simo Sorce | 2022-11-15 | 2 | -16/+25
  EVP_PKEY_eq() is used to check, among other things, if a certificate public key corresponds to a private key. When the private key belongs to a provider that does not allow to export private keys this currently fails as the internal functions used to import/export keys ignored the selection given (which specifies that only the public key needs to be considered) and instead tries to export everything.
  This patch allows to propagate the selection all the way down including adding it in the cache so that a following operation actually looking for other selection parameters does not mistakenly pick up an export containing only partial information.
  Signed-off-by: Simo Sorce <simo@redhat.com>
  Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/19648)
* rand: add set0 calls for the private and public DRBGs | Pauli | 2022-11-02 | 1 | -2/+2
  The FIPS 140-3 DSA and ECDSA tests need to be known answer tests which means the entropy needs to be cooked. This permits this.
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/19510)
* Add translation for ECX group parameter | Juergen Christ | 2022-10-13 | 1 | -1/+36
  Legacy EVP_PKEY_CTX objects did not support the "group" parameter for X25519 and X448. The translation of this parameter resulted in an error. This caused errors for legacy keys and engines.
  Fix this situation by adding a translation that simply checks that the correct parameter is to be set, but does not actually set anything. This is correct since the group name is anyway optional for these two curves.
  Fixes #19313
  Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/19348)
* crypto: Fix various typos, repeated words, align some spelling to LDP. | FdaSilvaYY | 2022-10-12 | 3 | -5/+5
  partially revamped from #16712
  - fall thru -> fall through
  - time stamp -> timestamp
  - file name -> filename
  - host name -> hostname
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/19059)
* Stop raising ERR_R_MALLOC_FAILURE in most places | Richard Levitte | 2022-10-05 | 29 | -133/+83
  Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from, there's no need to report ERR_R_MALLOC_FAILURE where they are called directly, or when SSLfatal() and RLAYERfatal() is used, the reason `ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`.
  There were a number of places where `ERR_R_MALLOC_FAILURE` was reported even though it was a function from a different sub-system that was called. Those places are changed to report ERR_R_{lib}_LIB, where {lib} is the name of that sub-system. Some of them are tricky to get right, as we have a lot of functions that belong in the ASN1 sub-system, and all the `sk_` calls are from the CRYPTO sub-system.
  Some extra adaptation was necessary where there were custom OPENSSL_malloc() wrappers, and some bugs are fixed alongside these changes.
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/19301)
* Ensure we call the cleanup() function when cleaning an EVP_CIPHER_CTX | Matt Caswell | 2022-10-03 | 1 | -0/+2
  In some circumstances we were not calling the cleanup() function to remove cipher specific data from an EVP_CIPHER_CTX.
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/19300)
* Fix usage of custom EVP_CIPHER objects | Matt Caswell | 2022-10-03 | 2 | -4/+7
  If a custom EVP_CIPHER object has been passed to EVP_CipherInit() then it should be used in preference to a fetched cipher. We also fix a possible NULL pointer deref in the same code for digests.
  If the custom cipher passed to EVP_CipherInit() happens to use NID_undef (which should be a discouraged practice), then in the previous implementation this could result in the NULL cipher being fetched and hence NULL encryption being unexpectedly used.
  CVE-2022-3358
  Fixes #18970
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/19300)
* ERR: replace remnant ECerr() and EVPerr() calls in crypto/ | Dr. David von Oheimb | 2022-09-30 | 1 | -1/+1
  except those throwing ERR_R_MALLOC_FAILURE
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
  (Merged from https://github.com/openssl/openssl/pull/19302)
* Add HPKE DHKEM provider support for EC, X25519 and X448. | slontis | 2022-09-23 | 2 | -20/+73
  The code is derived from @sftcd's work in PR #17172. This PR puts the DHKEM algorithms into the provider layer as KEM algorithms for EC and ECX.
  This PR only implements the DHKEM component of HPKE as specified in RFC 9180.
  crypto/hpke/hpke_util.c has been added for functions that will be shared between DHKEM and HPKE.
  API's for EVP_PKEY_auth_encapsulate_init() and EVP_PKEY_auth_decapsulate_init() have been added to support authenticated encapsulation. auth_init() functions were chosen rather than a EVP_PKEY_KEM_set_auth() interface to support future algorithms that could possibly need different init functions.
  Internal code has been refactored, so that it can be shared between the DHKEM and other systems. Since DHKEM operates on low level keys it needs to be able to do low level ECDH and ECXDH calls without converting the keys back into EVP_PKEY/EVP_PKEY_CTX form. See ossl_ecx_compute_key(), ossl_ec_public_from_private()
  DHKEM requires API's to derive a key using a seed (IKM). This did not sit well inside the DHKEM itself as dispatch functions. This functionality fits better inside the EC and ECX keymanagers keygen, since they are just variations of keygen where the private key is generated in a different manner. This should mainly be used for testing purposes. See ossl_ec_generate_key_dhkem(). It supports this by allowing a settable param to be passed to keygen (See OSSL_PKEY_PARAM_DHKEM_IKM). The keygen calls code within ec and ecx dhkem implementation to handle this. See ossl_ecx_dhkem_derive_private() and ossl_ec_dhkem_derive_private(). These 2 functions are also used by the EC/ECX DHKEM implementations to generate the sender ephemeral keys.
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/19068)
* EVP_PKEY_eq: regain compatibility with the 3.0.0 FIPS provider | Tomáš Mráz | 2022-09-16 | 1 | -3/+10
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/19201)
* Add support for PBE using hmacWithSM3 | K1 | 2022-09-15 | 1 | -0/+3
  Reviewed-by: Paul Dale <pauli@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/19204)
* evp: Use functions instead of direct structure field references | Tianjia Zhang | 2022-08-22 | 2 | -26/+33
  AES and chacha20poly1305 also have some codes that directly reference the fields in the EVP_CIPHER_CTX structure, such as 'ctx->buf' and 'ctx->encrypt', in order to make the code style uniform, use the corresponding interface API instead of direct field references.
  Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/16465)
* evp: Simplify ARIA aead cipher definition | Tianjia Zhang | 2022-08-22 | 1 | -9/+9
  Remove fixed macro variables, only keep the cipher mode name and key length.
  Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/16465)
* Fix bug in EVP_CIPHER_CTX_get_iv_length() | Pauli | 2022-08-03 | 1 | -5/+10
  Out of range values could possibly be returned due to a lack of range checking. Very unlikely to be exploitable for our provider because sensible values are returned for all ciphers.
  Also fixed the defaulting code so that the cipher's IV length is returned if the cipher ctx doesn't support getting.
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
  (Merged from https://github.com/openssl/openssl/pull/18875)
* "Reserve" the method store when constructing methods | Richard Levitte | 2022-07-20 | 1 | -0/+24
  Introducing the concept of reserving the store where a number of provided operation methods are to be stored.
  This avoids racing when constructing provided methods, which is especially pertinent when multiple threads are trying to fetch the same method, or even any implementation for the same given operation type.
  This introduces a |biglock| in OSSL_METHOD_STORE, which is separate from the |lock| which is used for more internal and finer grained locking.
  Fixes #18152
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/18153)
* evp: make all _is_a functions accept and handle a NULL argument | Pauli | 2022-07-17 | 9 | -12/+18
  Makes life easier for callers.
  Fixes Coverity 1503326
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/18799)
* crypto/evp/bio_b64.c: improve coding style | Dr. David von Oheimb | 2022-07-14 | 1 | -47/+35
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/18787)
* Fix memory leak in EVP_PKEY_get1_encoded_public_key. | slontis | 2022-07-12 | 1 | -3/+8
  Occurs if a failure happens after the malloc call in the second call to EVP_PKEY_get_octet_string_param().
  Detected by PR #18355
  Some calling code assumes that nothing is allocated in the returned pointer if there was a failure. Other calling code always tries freeing. The third case is in ecdh_cms_encrypt() where it does not check the return value. I am assuming this change is ok since the legacy path in EVP_PKEY_get1_encoded_public_key() also does not return the pointer on failure.
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/18739)
* store_result: Add fallback for fetching the keymgmt from the provider of the store | Tomas Mraz | 2022-06-28 | 1 | -3/+0
  Fixes #17531
  Reviewed-by: Paul Dale <pauli@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/17554)
* Allocate EVP_PBE_CTL with OPENSSL_zalloc. | Daniel Fiala | 2022-06-28 | 1 | -1/+1
  Fixes openssl#18598.
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/18666)
* Fix a mem leak in evp_pkey_export_to_provider | K1 | 2022-06-15 | 1 | -2/+4
  If keymgmt is NULL, tmp_keymgmt is allocated and will not be freed.
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
  Reviewed-by: Todd Short <todd.short@me.com>
  (Merged from https://github.com/openssl/openssl/pull/18499)
* Check return of BIO_new() and always free pkey from evp_pkey_copy_downgraded() | Tomas Mraz | 2022-06-10 | 1 | -2/+5
  Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/18494)
* Fix a mem leak in evp_pkey_copy_downgraded() | Matt Caswell | 2022-06-08 | 1 | -1/+7
  If we get a failure during evp_pkey_copy_downgraded() and on entry *dest was NULL then we leak the EVP_PKEY that was automatically allocated and stored in *dest.
  Found due to this comment: https://github.com/openssl/openssl/pull/18355#issuecomment-1145028315
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
  (Merged from https://github.com/openssl/openssl/pull/18470)
* Fix possible null pointer dereference of evp_pkey_get_legacy() | Zhou Qingyang | 2022-06-02 | 2 | -4/+12
  evp_pkey_get_legacy() will return NULL on failure, however several uses of it or its wrappers do not check the return value of evp_pkey_get_legacy(), which could lead to NULL pointer dereference.
  Fix those possible bugs by adding NULL checking.
  Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/17967)
* Fix code format: BLOCK_CIPHER_custom | Jiuhai Zhang | 2022-06-02 | 1 | -3/+3
  CLA: trivial
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/18412)
* Fix the incorrect checks of EVP_CIPHER_CTX_set_key_length | Peiwei Hu | 2022-05-27 | 1 | -1/+1
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/18397)
* Fix the defective check of EVP_PKEY_get_params | Peiwei Hu | 2022-05-26 | 1 | -2/+2
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/18367)