zzy/openssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
openssl/crypto
History
Pauli f3a7e6c057 evp: process key length and iv length early if present 
evp_cipher_init_internal() takes a params array argument and this is processed
late in the initialisation process for some ciphers (AEAD ones).

This means that changing the IV length as a parameter will either truncate the
IV (very bad if SP 800-38d section 8.2.1 is used) or grab extra uninitialised
bytes.

Truncation is very bad if SP 800-38d section 8.2.1 is being used to
contruct a deterministic IV.  This leads to an instant loss of confidentiality.

Grabbing extra bytes isn't so serious, it will most likely result in a bad
decryption.

Problem reported by Tony Battersby of Cybernetics.com but earlier discovered
and raised as issue #19822.

Fixes CVE-2023-5363
Fixes #19822

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2023-10-24 14:32:24 +01:00
..
aes
Improve performance for 6x unrolling with vpermxor instruction
2023-10-02 14:00:23 +02:00
aria
Change loops conditions to make zero loop risk more obvious.
2022-05-24 14:11:20 +10:00
asn1
Do not include crypto/asn1.h from internal/cryptlib.h
2023-10-19 10:15:56 +02:00
async
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
bf
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
bio
embed bio_dgram_data inside bio_dgram_sctp_data
2023-10-05 19:09:06 +02:00
bn
BN_gcd(): Avoid shifts of negative values
2023-10-05 12:05:16 +02:00
buffer
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
camellia
Rename x86-32 assembly files from .s to .S.
2022-05-24 13:16:06 +10:00
cast
Copyright year updates
2023-09-07 09:59:15 +01:00
chacha
LoongArch64 assembly pack: add ChaCha20 modules
2023-09-11 08:49:09 +10:00
cmac
Copyright year updates
2023-09-07 09:59:15 +01:00
cmp
CMP: fix OSSL_CMP_MSG_http_perform() by adding option OSSL_CMP_OPT_USE_TLS
2023-10-10 20:36:06 +02:00
cms
cms_enc.c: Include crypto/asn1.h for struct asn1_object_st
2023-10-19 10:15:56 +02:00
comp
Copyright year updates
2023-09-07 09:59:15 +01:00
conf
"foo * bar" should be "foo *bar"
2023-09-11 10:15:30 +02:00
crmf
Copyright year updates
2023-09-07 09:59:15 +01:00
ct
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
des
Copyright year updates
2023-09-07 09:59:15 +01:00
dh
DH_check_pub_key() should not fail when setting result code
2023-10-11 16:22:27 +02:00
dsa
DH_check_pub_key() should not fail when setting result code
2023-10-11 16:22:27 +02:00
dso
Copyright year updates
2023-09-07 09:59:15 +01:00
ec
Copyright year updates
2023-09-28 14:23:29 +01:00
encode_decode
Copyright year updates
2023-09-07 09:59:15 +01:00
engine
Improved detection of engine-provided private "classic" keys
2023-10-04 11:02:00 +11:00
err
Ensure that the ERR_STATE is left in a consistent state
2023-10-23 10:08:12 +01:00
ess
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
evp
evp: process key length and iv length early if present
2023-10-24 14:32:24 +01:00
ffc
DH_check_pub_key() should not fail when setting result code
2023-10-11 16:22:27 +02:00
hmac
Adapt other parts of the source to the changed EVP_Q_digest() and EVP_Q_mac()
2021-06-23 23:00:36 +02:00
hpke
Copyright year updates
2023-09-07 09:59:15 +01:00
http
Remove repeated words
2023-09-11 10:15:30 +02:00
idea
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
kdf
lhash
All lh_stats functions were deprecated in 3.1
2023-10-04 07:52:41 +11:00
md2
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
md4
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
md5
Copyright year updates
2023-09-07 09:59:15 +01:00
mdc2
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
modes
* Enable extra Arm64 optimization on Windows for GHASH, RAND and AES
2023-10-10 15:37:41 +02:00
objects
ensure that ossl_obj_nid_lock is allocated before use
2023-10-18 16:52:45 +02:00
ocsp
Copyright year updates
2023-09-07 09:59:15 +01:00
pem
Copyright year updates
2023-09-28 14:23:29 +01:00
perlasm
Copyright year updates
2023-09-07 09:59:15 +01:00
pkcs7
Copyright year updates
2023-09-07 09:59:15 +01:00
pkcs12
Copyright year updates
2023-09-28 14:23:29 +01:00
poly1305
Copyright year updates
2023-09-07 09:59:15 +01:00
property
ossl_property_list_to_string: handle quoted strings
2023-10-05 08:09:13 +11:00
rand
rand: fix seeding from a weak entropy source
2023-10-24 11:14:11 +01:00
rc2
Copyright year updates
2023-09-07 09:59:15 +01:00
rc4
Copyright year updates
2023-09-07 09:59:15 +01:00
rc5
Copyright year updates
2023-09-07 09:59:15 +01:00
ripemd
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
rsa
Dont require CRT params on ossl_rsa_set0_all_params
2023-10-18 18:08:02 +02:00
seed
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
sha
Copyright year updates
2023-09-28 14:23:29 +01:00
siphash
crypto/*: Fix various typos, repeated words, align some spelling to LDP.
2022-10-12 16:55:01 +11:00
sm2
Copyright year updates
2023-09-07 09:59:15 +01:00
sm3
* Enable extra Arm64 optimization on Windows for GHASH, RAND and AES
2023-10-10 15:37:41 +02:00
sm4
Copyright year updates
2023-09-07 09:59:15 +01:00
srp
Copyright year updates
2023-09-28 14:23:29 +01:00
stack
Copyright year updates
2023-09-07 09:59:15 +01:00
store
Copyright year updates
2023-09-28 14:23:29 +01:00
thread
Copyright year updates
2023-09-07 09:59:15 +01:00
ts
Copyright year updates
2023-09-07 09:59:15 +01:00
txt_db
Copyright year updates
2023-09-07 09:59:15 +01:00
ui
Copyright year updates
2023-09-07 09:59:15 +01:00
whrlpool
Copyright year updates
2023-09-07 09:59:15 +01:00
x509
Do not include crypto/asn1.h from internal/cryptlib.h
2023-10-19 10:15:56 +02:00
alphacpuid.pl
arm64cpuid.pl
Update copyright year
2022-05-03 13:34:51 +01:00
arm_arch.h
* Enable extra Arm64 optimization on Windows for GHASH, RAND and AES
2023-10-10 15:37:41 +02:00
armcap.c
Update with ARMV8_HAVE_SHA3_AND_WORTH_USING
2023-07-21 10:19:19 +10:00
armv4cpuid.pl
Copyright year updates
2023-09-07 09:59:15 +01:00
asn1_dsa.c
bsearch.c
build.info
Do not include sparse_array.o in libssl
2023-09-22 20:42:48 +02:00
c64xpluscpuid.pl
context.c
Copyright year updates
2023-09-07 09:59:15 +01:00
core_algorithm.c
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
core_fetch.c
"Reserve" the method store when constructing methods
2022-07-20 07:28:17 +01:00
core_namemap.c
Copyright year updates
2023-09-07 09:59:15 +01:00
cpt_err.c
err: add additional errors
2022-01-12 20:10:21 +11:00
cpuid.c
Copyright year updates
2023-09-28 14:23:29 +01:00
cryptlib.c
Copyright year updates
2023-09-07 09:59:15 +01:00
ctype.c
Copyright year updates
2023-09-07 09:59:15 +01:00
cversion.c
der_writer.c
der_writer: Use uint32_t instead of long.
2022-06-27 10:58:40 +02:00
deterministic_nonce.c
Copyright year updates
2023-09-07 09:59:15 +01:00
dllmain.c
Update copyright year
2022-05-03 13:34:51 +01:00
ebcdic.c
ex_data.c
Fix error handling in CRYPTO_get_ex_new_index
2023-09-21 14:43:08 +02:00
getenv.c
Update copyright year
2022-05-03 13:34:51 +01:00
ia64cpuid.S
info.c
Copyright year updates
2023-09-07 09:59:15 +01:00
init.c
Copyright year updates
2023-09-07 09:59:15 +01:00
initthread.c
Copyright year updates
2023-09-28 14:23:29 +01:00
loongarch64cpuid.pl
Add LoongArch64 cpuid and OPENSSL_loongarchcap_P
2022-10-12 18:02:12 +11:00
loongarch_arch.h
Copyright year updates
2023-09-07 09:59:15 +01:00
loongarchcap.c
Copyright year updates
2023-09-07 09:59:15 +01:00
LPdir_nyi.c
LPdir_unix.c
Copyright year updates
2023-09-07 09:59:15 +01:00
LPdir_vms.c
LPdir_win32.c
LPdir_win.c
LPdir_wince.c
mem_clr.c
mem_sec.c
Copyright year updates
2023-09-07 09:59:15 +01:00
mem.c
Windows: use srand() instead of srandom()
2023-10-13 15:04:42 +02:00
mips_arch.h
o_dir.c
Update copyright year
2022-05-03 13:34:51 +01:00
o_fopen.c
crypto: Fix various typos, repeated words, align some spelling to LDP.
2022-10-12 16:55:01 +11:00
o_init.c
Update copyright year
2022-05-03 13:34:51 +01:00
o_str.c
Copyright year updates
2023-09-28 14:23:29 +01:00
o_time.c
packet.c
Copyright year updates
2023-09-07 09:59:15 +01:00
param_build_set.c
ossl_param_build_set_multi_key_bn(): Do not set NULL BIGNUMs
2023-10-18 18:07:13 +02:00
param_build.c
Copyright year updates
2023-09-07 09:59:15 +01:00
params_dup.c
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
params_from_text.c
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
params_idx.c.in
params: provide a faster TRIE based param lookup.
2023-06-02 15:13:20 +10:00
params.c
Copyright year updates
2023-09-07 09:59:15 +01:00
pariscid.pl
passphrase.c
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
ppccap.c
Update copyright year
2022-05-03 13:34:51 +01:00
ppccpuid.pl
Update copyright year
2022-05-03 13:34:51 +01:00
provider_child.c
Copyright year updates
2023-09-07 09:59:15 +01:00
provider_conf.c
Copyright year updates
2023-09-07 09:59:15 +01:00
provider_core.c
rand: add callbacks to cleanup the user entropy resp. nonce
2023-10-20 09:48:34 +01:00
provider_local.h
make struct provider_info_st a full type
2021-06-24 14:48:15 +01:00
provider_predefined.c
make struct provider_info_st a full type
2021-06-24 14:48:15 +01:00
provider.c
Copyright year updates
2023-09-07 09:59:15 +01:00
punycode.c
Copyright year updates
2023-09-07 09:59:15 +01:00
quic_vlint.c
QUIC: Enable building with QUIC support disabled
2023-01-13 13:20:16 +00:00
README-sparse_array.md
riscv32cpuid.pl
Add RISC-V 32 cpuid support
2022-09-05 10:20:30 +10:00
riscv64cpuid.pl
Add basic RISC-V cpuid and OPENSSL_riscvcap
2022-05-19 16:32:49 +10:00
riscvcap.c
Add basic RISC-V cpuid and OPENSSL_riscvcap
2022-05-19 16:32:49 +10:00
s390x_arch.h
Copyright year updates
2023-09-07 09:59:15 +01:00
s390xcap.c
Copyright year updates
2023-09-07 09:59:15 +01:00
s390xcpuid.pl
self_test_core.c
Update copyright year
2022-05-03 13:34:51 +01:00
sleep.c
Copyright year updates
2023-09-07 09:59:15 +01:00
sparccpuid.S
sparcv9cap.c
Split bignum code out of the sparcv9cap.c
2021-07-15 09:33:04 +02:00
sparse_array.c
Coverity 1507376: Dereference after null check
2022-07-22 14:42:13 +02:00
threads_lib.c
Define threads_lib.c functions only for OPENSSL_SYS_UNIX
2022-11-14 07:47:53 +00:00
threads_none.c
Copyright year updates
2023-09-07 09:59:15 +01:00
threads_pthread.c
Copyright year updates
2023-09-07 09:59:15 +01:00
threads_win.c
Copyright year updates
2023-09-07 09:59:15 +01:00
time.c
Copyright year updates
2023-09-07 09:59:15 +01:00
trace.c
"foo * bar" should be "foo *bar"
2023-09-11 10:15:30 +02:00
uid.c
Copyright year updates
2023-09-07 09:59:15 +01:00
vms_rms.h
x86_64cpuid.pl
x86cpuid.pl