path: root/test/secmemtest.c
Commit message | Author | Age | Files | Lines
* Update copyright year | Matt Caswell | 2020-04-23 | 1 | -1/+1
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/11616)
* Make secure-memory be a config option | Rich Salz | 2020-02-14 | 1 | -2/+2
  Adding support for "no-secure-memory" was simple, a one-liner.
  Fixing all the "ifdef OPENSSL_SECURE_MEMORY" to be "ifndef NO_xxx" was a bit more work. My original goof, for not following the OpenSSL pattern "ifndef NO_" used everywhere else.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
  (Merged from https://github.com/openssl/openssl/pull/11023)
* Make minimum size for secure memory a size_t. | Pauli | 2020-02-05 | 1 | -2/+2
  The minimum size argument to CRYPTO_secure_malloc_init() was an int but ought to be a size_t since it is a size.
  From an API perspective, this is a change. However, the minimum size is verified as being a positive power of two and it will typically be a small constant.
  Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
  (Merged from #11003)
* Following the license change, modify the boilerplates in test/ | Richard Levitte | 2018-12-06 | 1 | -1/+1
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/7767)
* test/secmemtest: test secure memory only if it is implemented | Dr. Matthias St. Pierre | 2018-10-05 | 1 | -3/+6
  Fixes #7322
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
  (Merged from https://github.com/openssl/openssl/pull/7351)
* Update copyright year | Matt Caswell | 2018-09-11 | 1 | -1/+1
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/7176)
* Zero memory in CRYPTO_secure_malloc. | Pauli | 2018-08-22 | 1 | -0/+44
  This commit destroys the free list pointers which would otherwise be present in the returned memory blocks. This in turn helps prevent information leakage from the secure memory area.
  Note: CRYPTO_secure_malloc is not guaranteed to return zeroed memory: before the secure memory system is initialised or if it isn't implemented.
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
  (Merged from https://github.com/openssl/openssl/pull/7011)
* Fix some Typos and indents | FdaSilvaYY | 2017-08-11 | 1 | -1/+1
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/4108)
* Add some test coverage for OPENSSL_secure_clear_free | Bernd Edlinger | 2017-07-29 | 1 | -4/+10
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/4044)
* Update the test framework so that the need for test_main is removed. Everything | Pauli | 2017-07-26 | 1 | -1/+2
  that needed test_main now works using the same infrastructure as tests that used register_tests.
  This meant:
  * renaming register_tests to setup_tests and giving it a success/failure return.
  * renaming the init_test function to setup_test_framework.
  * renaming the finish_test function to pulldown_test_framework.
  * adding a user provided global_init function that runs before the test framework is initialised. It returns a failure indication that stops the test.
  * adding helper functions that permit tests to access their command line args.
  * splitting the BIO initialisation and finalisation out from the test setup and teardown.
  * hiding some of the now test internal functions.
  * fix the comments in testutil.h
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/3953)
* Fix the mem_sec "small arena" | Todd Short | 2017-05-22 | 1 | -6/+9
  Fix the small arena test to just check for the symptom of the infinite loop (i.e. initialized set on failure), rather than the actual infinite loop. This avoids some valgrind errors.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/3512)
* test/secmemtest.c: clarify limitations for huge secure memory arena test. | Andy Polyakov | 2017-05-22 | 1 | -10/+15
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Tweak sec_mem tests | Todd Short | 2017-05-21 | 1 | -3/+22
  Remove assertion when mmap() fails.
  Only run the 1<<31 limit test on Linux
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/3455)
* Fix infinite loops in secure memory allocation. | Todd Short | 2017-05-11 | 1 | -0/+21
  Issue 1: sh.bittable_size is a size_t but i is an int, which can result in freelist == -1 if sh.bittable_size exceeds an int.
  This seems to result in an OPENSSL_assert due to invalid allocation size, so maybe that is "ok."
  Worse, if sh.bittable_size is exactly 1<<31, then this becomes an infinite loop (because 1<<31 is a negative int, so it can be shifted right forever and sticks at -1).
  Issue 2: CRYPTO_secure_malloc_init() sets secure_mem_initialized=1 even when sh_init() returns 0.
  If sh_init() fails, we end up with secure_mem_initialized=1 but sh.minsize=0. If you then call secure_malloc(), which then calls sh_malloc(), this then enters an infinite loop since 0 << anything will never be larger than size.
  Issue 3: That same sh_malloc loop will loop forever for a size greater than size_t/2 because i will proceed (assuming sh.minsize=16): i=16, 32, 64, ..., size_t/8, size_t/4, size_t/2, 0, 0, 0, 0, .... This sequence will never be larger than "size".
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/3449)
* Adapt all test programs | Richard Levitte | 2017-04-24 | 1 | -1/+0
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/3243)
* Update secmemtest and memeleaktest to use the test infrastructure. | Pauli | 2017-04-12 | 1 | -70/+49
  It isn't easy to use the test framework since it turns memory debugging on as well and the CRYPTO_mem_leaks_fp function cannot be called twice.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/3169)
* Copyright consolidation 02/10 | Rich Salz | 2016-05-17 | 1 | -0/+8
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Secure memory fixes | Todd Short | 2016-05-02 | 1 | -6/+67
  Fix some of the variables to be (s)size_t, so that more than 1GB of secure memory can be allocated. The arena has to be a power of 2, and 2GB fails because it ends up being a negative 32-bit signed number.
  The |too_late| flag is not strictly necessary; it is easy to figure out if something is secure memory by looking at the arena. As before, secure memory allocations will not fail, but now they can be freed correctly. Once initialized, secure memory can still be used, even if allocations occurred before initialization.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Fixup secmemtest for the change of CRYPTO_free() and friends | Richard Levitte | 2016-02-17 | 1 | -2/+2
  Switching it to use OPENSSL_free() et al when appropriate.
  Reviewed-by: Matt Caswell <matt@openssl.org>
* More secure storage of key material. | Rich Salz | 2015-06-23 | 1 | -0/+34
  Add secure heap for storage of private keys (when possible).
  Add BIO_s_secmem(), CBIGNUM, etc.
  Add BIO_CTX_secure_new so all BIGNUM's in the context are secure.
  Contributed by Akamai Technologies under the Corporate CLA.
  Reviewed-by: Richard Levitte <levitte@openssl.org>