Age | Commit message | Author
2017-05-19 | CVE 2016-2109 fix [android-7.1.2_r39, android-7.1.2_r38, android-7.1.2_r37, nougat-mr2-security-release] | Adam Vartanian
Read ASN.1 data in chunks to prevent invalid inputs from allocating excessive amounts of data. Bug: 35443725 Test: run cts -m CtsLibcoreTestCases Test: manually ran testcase from OpenSSL Change-Id: Ia9d6aa40726c0cba26e2060108112f33e00e8270 Merged-In: Ie00536d7ad815464b2b031f7bcd1b683e12c1623 Merged-In: If087a69ee075b3c5323abb8d7d740e92bd703bb1 Merged-In: If77e23607fc77f724f50ad0e0b94eef4beae57ea Merged-In: Ia8d0370ece1d5c1750a4331810c610ed5c813224 Merged-In: Ia945d5ce50335919b0783fe909892703213454ef (cherry picked from commit ea156ae109eac7b7cf7d4f6a76f3c4590734789b)
2017-03-20 | DO NOT MERGE | David Benjamin
Always use Fermat's Little Theorem in ecdsa_sign_setup. The case where ec_group_get_mont_data is NULL is only for arbitrary groups which we now require to be prime order. BN_mod_exp_mont is fine with a NULL BN_MONT_CTX. It will just compute it. Saves a bit of special-casing. Also don't mark p-2 as BN_FLG_CONSTTIME as the exponent is public anyway. (cherry picked from commit 8cf79af7d1497c07bd684764b96c9659e7b32ae1) Bug: 33752052 Change-Id: Iedaf2f40028ef703078262ae5e971cc715d49866 (cherry picked from commit 5e7ef724aead3c33184f34ac7c684e9c2a859b87)
2017-01-18 | Rewrite BN_bn2dec. am: 8c2c80c1be am: 2242e545fe am: 3a7c987a43 am: ↵ [android-7.1.2_r6, android-7.1.2_r5, android-7.1.2_r4, android-7.1.2_r3, android-7.1.2_r2, android-7.1.2_r1, nougat-mr2-dev] | David Benjamin
5e36e04f4a -s ours am: e5f071b97d am: 301d2f9c13 am: dfd0e610dd am: 87df09edfc Change-Id: I8d5c226e25e8b8b6d2df2e3e880fbfb0e11afa91
2017-01-18 | Merge "Rewrite BN_bn2dec." into nyc-mr1-dev am: f57d711a89 | Kenny Root
am: 2579fef5be Change-Id: Id172439d03d3694e924d424b2b4924ec2493680a
2017-01-18 | Rewrite BN_bn2dec. am: 8c2c80c1be am: 2242e545fe am: 3a7c987a43 am: ↵ | David Benjamin
5e36e04f4a -s ours am: e5f071b97d am: 301d2f9c13 am: dfd0e610dd Change-Id: I6453924e68c5e282a8db7d1a03cca380882e8250
2017-01-18 | Rewrite BN_bn2dec. am: 29b92ab938 | David Benjamin
am: f74cb4fd9a Change-Id: Ibf4a6b82a153de15cd85b6d1219bfd59851ecc6e
2017-01-18 | Rewrite BN_bn2dec. am: 8c2c80c1be am: 2242e545fe am: 3a7c987a43 am: ↵ | David Benjamin
5e36e04f4a -s ours am: e5f071b97d am: 301d2f9c13 Change-Id: I94b8ae46d9438a90ab033c9e11a79f5fbab14b14
2017-01-18 | Merge "Rewrite BN_bn2dec." into nyc-mr1-dev | Kenny Root
am: f57d711a89 Change-Id: I53fe9b10a8919c062573e7a2cf5eaf43526d5dd6
2017-01-18 | Rewrite BN_bn2dec. | David Benjamin
am: 29b92ab938 Change-Id: Iae907681572694ca0b166448470077c4d7a90693
2017-01-18 | Rewrite BN_bn2dec. am: 8c2c80c1be am: 2242e545fe am: 3a7c987a43 am: ↵ | David Benjamin
5e36e04f4a -s ours am: e5f071b97d Change-Id: If8b668a54082c0e429796da0049a929bf3b5137d
2017-01-18 | Merge "Rewrite BN_bn2dec." into nyc-mr1-dev | Kenny Root
2017-01-18 | Rewrite BN_bn2dec. am: 8c2c80c1be am: 2242e545fe am: 3a7c987a43 | David Benjamin
am: 5e36e04f4a -s ours Change-Id: I8d1c586856aad99e09b33faf85ef28f5d6d8f266
2017-01-18 | Rewrite BN_bn2dec. am: 7a342e9714 am: aa436848f1 am: 38fcf1045e | David Benjamin
am: 84ef8ae722 Change-Id: I8d97b5d85d0ef570a8ca68b5e36ddb7a286fb552
2017-01-18 | Rewrite BN_bn2dec. am: 7a342e9714 am: aa436848f1 | David Benjamin
am: 38fcf1045e Change-Id: I24f456bb6aeb670e0f7518f48827ce3da3b816d7
2017-01-18 | Rewrite BN_bn2dec. am: 8c2c80c1be am: 2242e545fe | David Benjamin
am: 3a7c987a43 Change-Id: I172285d83d594c972f986b33fbc4251ec3583a0f
2017-01-18 | Rewrite BN_bn2dec. am: 7a342e9714 | David Benjamin
am: aa436848f1 Change-Id: Id34d840377d8a03870cd2f2628d6e89f3421555a
2017-01-18 | Rewrite BN_bn2dec. am: 8c2c80c1be | David Benjamin
am: 2242e545fe Change-Id: I2a7f0671035826f356d21529d7d491592d4783e0
2017-01-18 | Rewrite BN_bn2dec. | David Benjamin
am: 7a342e9714 Change-Id: I1d13e3c11357d8d8b0eb6c590800eaaa9b51add0
2017-01-18 | Rewrite BN_bn2dec. | David Benjamin
am: 8c2c80c1be Change-Id: I7fff0f3abda4f0ed15f9f68e2a97d0addf3b06ae
2017-01-18 | Rewrite BN_bn2dec. | David Benjamin
This is a more complete fix for CVE-2016-2182. The original commit message was: "If an oversize BIGNUM is presented to BN_bn2dec() it can cause BN_div_word() to fail and not reduce the value of 't' resulting in OOB writes to the bn_data buffer and eventually crashing. Fix by checking return value of BN_div_word() and checking writes don't overflow buffer. Thanks to Shi Lei for reporting this bug." BoringSSL's rewrite commit message: "958aaf1ea1b481e8ef32970d5b0add80504be4b2, imported from upstream, had an off-by-one error. Reproducing the failure is fairly easy as it can't even serialize 1. See also upstream's 099e2968ed3c7d256cda048995626664082b1b30. Rewrite the function completely with CBB and add a basic test. BUG=chromium:639740" Change-Id: I41a91514c4bb9e83854824ed5258ffe4e49d9491 Bug: 32096880
2017-01-18 | Rewrite BN_bn2dec. | David Benjamin
This is a more complete fix for CVE-2016-2182. The original commit message was: "If an oversize BIGNUM is presented to BN_bn2dec() it can cause BN_div_word() to fail and not reduce the value of 't' resulting in OOB writes to the bn_data buffer and eventually crashing. Fix by checking return value of BN_div_word() and checking writes don't overflow buffer. Thanks to Shi Lei for reporting this bug." BoringSSL's rewrite commit message: "958aaf1ea1b481e8ef32970d5b0add80504be4b2, imported from upstream, had an off-by-one error. Reproducing the failure is fairly easy as it can't even serialize 1. See also upstream's 099e2968ed3c7d256cda048995626664082b1b30. Rewrite the function completely with CBB and add a basic test. BUG=chromium:639740" Change-Id: I41a91514c4bb9e83854824ed5258ffe4e49d9491 Bug: 32096880
2017-01-18 | Rewrite BN_bn2dec. | David Benjamin
This is a more complete fix for CVE-2016-2182. The original commit message was: "If an oversize BIGNUM is presented to BN_bn2dec() it can cause BN_div_word() to fail and not reduce the value of 't' resulting in OOB writes to the bn_data buffer and eventually crashing. Fix by checking return value of BN_div_word() and checking writes don't overflow buffer. Thanks to Shi Lei for reporting this bug." BoringSSL's rewrite commit message: "958aaf1ea1b481e8ef32970d5b0add80504be4b2, imported from upstream, had an off-by-one error. Reproducing the failure is fairly easy as it can't even serialize 1. See also upstream's 099e2968ed3c7d256cda048995626664082b1b30. Rewrite the function completely with CBB and add a basic test. BUG=chromium:639740" Change-Id: I41a91514c4bb9e83854824ed5258ffe4e49d9491 Bug: 32096880
2016-10-18 | DO NOT MERGE: Add a few more no-op stubs for cURL compatibility. am: ↵ | David Benjamin
4177c9b481 am: 1220bf946d am: 5de55ee076 Change-Id: I8a8b03fb63b6708dacc5d7d617fd50178cb49ec6
2016-10-18 | DO NOT MERGE: Add a few more no-op stubs for cURL compatibility. am: 4177c9b481 [android-cts_7.1_r1, android-cts-7.1_r3, android-cts-7.1_r2, android-cts-7.1_r1, android-7.1.1_r9, android-7.1.1_r8, android-7.1.1_r7, android-7.1.1_r6, android-7.1.1_r4, android-7.1.1_r3, android-7.1.1_r22, android-7.1.1_r21, android-7.1.1_r20, android-7.1.1_r2, android-7.1.1_r17, android-7.1.1_r16, android-7.1.1_r15, android-7.1.1_r14, android-7.1.1_r13, android-7.1.1_r12, android-7.1.1_r11, android-7.1.1_r10, android-7.1.1_r1, nougat-mr1.2-release, nougat-mr1-dev] | David Benjamin
am: 1220bf946d Change-Id: I9add2c54dda8093efd7b3df79aef436bcaf2ddd7
2016-10-18 | DO NOT MERGE: Add a few more no-op stubs for cURL compatibility. | David Benjamin
am: 4177c9b481 Change-Id: Ie2b2decee75fb03dfdaa271e60b9c5b49651baf0
2016-10-06 | DO NOT MERGE: Add a few more no-op stubs for cURL compatibility. | David Benjamin
With these stubs, cURL should not need any BoringSSL #ifdefs at all, except for their OCSP #ifdefs (which can switch to the more generally useful OPENSSL_NO_OCSP) and the workaround for wincrypt.h macro collisions. That we intentionally leave to the consumer rather than add a partial hack that makes the build sensitive to include order. (I'll send them a patch upstream once this cycles in.) Reviewed-on: https://boringssl-review.googlesource.com/6980 Reviewed-by: Adam Langley <agl@google.com> (cherry picked from upstream commit e5aa791a1cbd70c64a5cadaae71eda8f6d5aa992) Change-Id: I65812be5cb37acd63d755b313162b7a03d130d98
2016-09-15 | Re-add |EVP_des_ede_cbc|. am: 9f12ca8242 am: cbbf882c58 am: cc069eaff4 am: ↵ | Matt Braithwaite
c14c24ab05 -s ours am: 3c9bd56303 am: 6cf5bbc227 am: 309ccff6ae Change-Id: I52f9812d6d3b8bcb3464b9dbd395701fe8025285
2016-09-15 | Re-add |EVP_des_ede_cbc|. am: 9f12ca8242 am: cbbf882c58 am: cc069eaff4 am: ↵ | Matt Braithwaite
c14c24ab05 -s ours am: 3c9bd56303 am: 6cf5bbc227 Change-Id: Ia046ea07f78e37b82a7c00048d93c51b21274181
2016-09-15 | Re-add |EVP_des_ede_cbc|. am: 9f12ca8242 am: cbbf882c58 am: cc069eaff4 am: ↵ | Matt Braithwaite
c14c24ab05 -s ours am: 3c9bd56303 Change-Id: Id7b0bb15e3ee6f3ad20feb3f2672fc72df2609ad
2016-09-15 | Re-add |EVP_des_ede_cbc|. am: 9f12ca8242 am: cbbf882c58 am: cc069eaff4 | Matt Braithwaite
am: c14c24ab05 -s ours Change-Id: I93715c325f89a0d3263d5940e5c62b3bce495573
2016-09-15 | Fix NID of |EVP_CIPHER des3_cbc|. am: 15706c2705 am: cb576493fe am: ↵ | Matt Braithwaite
b6d97eefe4 am: 5c9faa3e81 -s ours am: 625c7d8217 am: f3052ee558 am: 7ffc5ef6f6 Change-Id: I1e14f4294f135530710a9af44be8040af484913c
2016-09-15 | Fix NID of |EVP_CIPHER des3_cbc|. am: 15706c2705 am: cb576493fe am: ↵ | Matt Braithwaite
b6d97eefe4 am: 5c9faa3e81 -s ours am: 625c7d8217 am: f3052ee558 Change-Id: Id426ad1ebb5ae08859c14e0fb14b401dd0a3770b
2016-09-15 | Fix NID of |EVP_CIPHER des3_cbc|. am: 15706c2705 am: cb576493fe am: ↵ | Matt Braithwaite
b6d97eefe4 am: 5c9faa3e81 -s ours am: 625c7d8217 Change-Id: I489a02525f7186dae9f9ca95bd550bf5be294048
2016-09-15 | Fix NID of |EVP_CIPHER des3_cbc|. am: 15706c2705 am: cb576493fe am: b6d97eefe4 | Matt Braithwaite
am: 5c9faa3e81 -s ours Change-Id: Ib29651fdf6d4aad864175fda4b8f30421ff05c23
2016-09-15 | Re-add |EVP_des_ede_cbc|. am: 9f12ca8242 am: cbbf882c58 | Matt Braithwaite
am: cc069eaff4 Change-Id: I13b938457efb7054a31dbc4006af368ad223b777
2016-09-15 | Fix NID of |EVP_CIPHER des3_cbc|. am: 15706c2705 am: cb576493fe | Matt Braithwaite
am: b6d97eefe4 Change-Id: I15bbc5d62cb1cd56115c36fffa01e0a288910163
2016-09-15 | Re-add |EVP_des_ede_cbc|. am: 9f12ca8242 | Matt Braithwaite
am: cbbf882c58 Change-Id: I7166af73dba062ecd24830ffb5c3d116fa24628e
2016-09-15 | Fix NID of |EVP_CIPHER des3_cbc|. am: 15706c2705 | Matt Braithwaite
am: cb576493fe Change-Id: Ifb233f7e519786f29c82f96c3c49e63e1b5a6f20
2016-09-15 | Re-add |EVP_des_ede_cbc|. | Matt Braithwaite
am: 9f12ca8242 Change-Id: I2a449847047903c014a54167bcdb9d7ec1fc10ee
2016-09-15 | Fix NID of |EVP_CIPHER des3_cbc|. | Matt Braithwaite
am: 15706c2705 Change-Id: Ib4f7fefa4b8220a3caf7874f56b08f27422ea8bd
2016-09-14 | Re-add |EVP_des_ede_cbc|. | Matt Braithwaite
Note that while |DES_ede2_cbc_encrypt| exists, I didn't use it: I think it's easier to see what's happening this way. (I couldn't find an authoritative source of test data, including in OpenSSL's source, so I used OpenSSL's implementation to produce the test ciphertext.) This benefits globalplatform. (cherry picked from commit 8c413a2d94fa720fae6a7d9c939e33978f3ed25b) Bug: 31081987 Change-Id: I7e17ca0b69067d7b3f4bc213b4616eb269882ae0 Reviewed-on: https://boringssl-review.googlesource.com/5724 Reviewed-by: Adam Langley <agl@google.com>
2016-09-14 | Fix NID of |EVP_CIPHER des3_cbc|. | Matt Braithwaite
(cherry picked from commit 6bfdc63114d7921037f44e7e3145c706b9ffb2e4) Bug: 31081987 Change-Id: I0f27fa1897d2f0a148203610ccd5c6c7967f9f3d Reviewed-on: https://boringssl-review.googlesource.com/5510 Reviewed-by: Adam Langley <agl@google.com>
2016-05-25 | Fix encoding bug in i2c_ASN1_INTEGER am: c313c682b6 am: 78f200490e am: ↵ | Adam Langley
5f51074adc am: 2fddbe3348 am: 652affb06b * commit '652affb06bafde7bc4ab124deb93dda3d9f88c9d': Fix encoding bug in i2c_ASN1_INTEGER Change-Id: Ib1547d682f3d55192518fb3caa9e851377739fb7
2016-05-25 | Fix encoding bug in i2c_ASN1_INTEGER am: c313c682b6 am: 78f200490e am: ↵ [nougat-dev] | Adam Langley
5f51074adc am: 2fddbe3348 * commit '2fddbe3348fcf4b087efcc4d44c1d466fccaf462': Fix encoding bug in i2c_ASN1_INTEGER Change-Id: Id8a256726d190c3e9195ccba7e7c34b18f4716a7
2016-05-25 | Fix encoding bug in i2c_ASN1_INTEGER am: c313c682b6 am: 78f200490e | Adam Langley
am: 5f51074adc * commit '5f51074adcd8cb0fd6f34797a921685c15cdb23e': Fix encoding bug in i2c_ASN1_INTEGER Change-Id: I6842c9a5ea94ba4358ea69076a8f9cc6d8b512ec
2016-05-25 | Fix encoding bug in i2c_ASN1_INTEGER am: c313c682b6 | Adam Langley
am: 78f200490e * commit '78f200490e2e7d18b7973b6f90cef350672c2be3': Fix encoding bug in i2c_ASN1_INTEGER Change-Id: If689d4b584c9593b805518447497bcb2d2680671
2016-05-25 | Fix encoding bug in i2c_ASN1_INTEGER | Adam Langley
am: c313c682b6 * commit 'c313c682b677792ce384047e4a44812c218e29c9': Fix encoding bug in i2c_ASN1_INTEGER Change-Id: I4a6e0743464d3305d4d043dfab54790ac8baf49a
2016-05-16 | Fix encoding bug in i2c_ASN1_INTEGER [android-7.1.0_r7, android-7.1.0_r6, android-7.1.0_r5, android-7.1.0_r4, android-7.1.0_r3, android-7.1.0_r2, android-7.1.0_r1, nougat-dr1-release] | Adam Langley
am: c79be54ba3 * commit 'c79be54ba3206605350204e419e4078906456da6': Fix encoding bug in i2c_ASN1_INTEGER Change-Id: I9a5d0ad1bca0a396a44939a4aea60bf83acdce32
2016-05-13 | Fix encoding bug in i2c_ASN1_INTEGER [android-cts-7.0_r9, android-cts-7.0_r8, android-cts-7.0_r7, android-cts-7.0_r6, android-cts-7.0_r5, android-cts-7.0_r4, android-cts-7.0_r33, android-cts-7.0_r32, android-cts-7.0_r31, android-cts-7.0_r30, android-cts-7.0_r3, android-cts-7.0_r29, android-cts-7.0_r28, android-cts-7.0_r27, android-cts-7.0_r26, android-cts-7.0_r25, android-cts-7.0_r24, android-cts-7.0_r23, android-cts-7.0_r22, android-cts-7.0_r21, android-cts-7.0_r20, android-cts-7.0_r2, android-cts-7.0_r19, android-cts-7.0_r18, android-cts-7.0_r17, android-cts-7.0_r16, android-cts-7.0_r15, android-cts-7.0_r14, android-cts-7.0_r13, android-cts-7.0_r12, android-cts-7.0_r11, android-cts-7.0_r10, android-cts-7.0_r1, android-7.0.0_r9, android-7.0.0_r8, android-7.0.0_r7, android-7.0.0_r6, android-7.0.0_r5, android-7.0.0_r4, android-7.0.0_r3, android-7.0.0_r21, android-7.0.0_r19, android-7.0.0_r17, android-7.0.0_r15, android-7.0.0_r14, android-7.0.0_r13, android-7.0.0_r12, android-7.0.0_r11, android-7.0.0_r10, android-7.0.0_r1, afw-test-harness-2.1, nougat-release, nougat-cts-release, nougat-bugfix-release] | Adam Langley
(Imported from upstream's 3661bb4e7934668bd99ca777ea8b30eedfafa871.) Fix bug where i2c_ASN1_INTEGER mishandles zero if it is marked as negative. Thanks to Huzaifa Sidhpurwala <huzaifas@redhat.com> and Hanno Böck <hanno@hboeck.de> for reporting this issue. BUG=590615 (cherry-picked from c4eec0c16b02c97a62a95b6a08656c3a9ddb6baa) Bug: 28175332 Change-Id: I49f6ecdd9b3512f3d0a28e96dd8c48734dacf248 Reviewed-on: https://boringssl-review.googlesource.com/7199 Reviewed-by: David Benjamin <davidben@google.com>
2016-03-21 | Remove support for mis-encoded PKCS#8 DSA keys. am: c042e7e | David Benjamin
am: eea801c * commit 'eea801cc4bb43e1fbf2e547ee8b94402264f4396': Remove support for mis-encoded PKCS#8 DSA keys.