[openssl-commits] [openssl] master update

Kurt Roeckx kurt at openssl.org
Wed Feb 10 19:16:52 UTC 2016 

The branch master has been updated
       via  1c37fd96d89f95202f2e54db8d2834cbf1fd8b88 (commit)
       via  cc9c56894606fdf324933cd8090d9a54d967bf5b (commit)
      from  01a2ade05d4fb5ece6f7574616055d81dd4e1a31 (commit)


- Log -----------------------------------------------------------------
commit 1c37fd96d89f95202f2e54db8d2834cbf1fd8b88
Author: Todd Short <tshort at akamai.com>
Date:   Mon Dec 28 09:41:52 2015 -0500

    Add CHACHA20 alias for ciphers.
    
    Update ciphers documentation as well (based on -04 rev of ID).
    
    Signed-off-by: Kurt Roeckx <kurt at roeckx.be>
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    
    RT: #4206, GH: #642

commit cc9c56894606fdf324933cd8090d9a54d967bf5b
Author: Dmitry-Me <wipedout at yandex.ru>
Date:   Wed Feb 10 20:08:09 2016 +0100

    Ensure allocation size fits into size_t
    
    Signed-off-by: Kurt Roeckx <kurt at roeckx.be>
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    
    GH: #630

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/scrypt.c  | 15 +++++++++++----
 doc/apps/ciphers.pod | 14 ++++++++++++++
 ssl/ssl_ciph.c       |  4 ++--
 ssl/ssl_locl.h       |  1 +
 4 files changed, 28 insertions(+), 6 deletions(-)

diff --git a/crypto/evp/scrypt.c b/crypto/evp/scrypt.c
index 25b360e..20e5dd4 100644
--- a/crypto/evp/scrypt.c
+++ b/crypto/evp/scrypt.c
@@ -213,6 +213,7 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
     unsigned char *B;
     uint32_t *X, *V, *T;
     uint64_t i, Blen, Vlen;
+    size_t allocsize;
 
     /* Sanity check parameters */
     /* initial check, r,p must be non zero, N >= 2 and a power of 2 */
@@ -242,7 +243,8 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
     Blen = p * 128 * r;
 
     /*
-     * Check 32 * r * (N + 2) * sizeof(uint32_t) fits in uint64_t.
+     * Check 32 * r * (N + 2) * sizeof(uint32_t) fits in
+     * uint64_t and also size_t (their sizes are unrelated).
      * This is combined size V, X and T (section 4)
      */
     i = UINT64_MAX / (32 * sizeof(uint32_t));
@@ -253,11 +255,16 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
     /* check total allocated size fits in uint64_t */
     if (Blen > UINT64_MAX - Vlen)
         return 0;
+    /* check total allocated size fits in size_t */
+    if (Blen > SIZE_MAX - Vlen)
+        return 0;
+
+    allocsize = (size_t)(Blen + Vlen);
 
     if (maxmem == 0)
         maxmem = SCRYPT_MAX_MEM;
 
-    if (Blen + Vlen > maxmem) {
+    if (allocsize > maxmem) {
         EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);
         return 0;
     }
@@ -266,7 +273,7 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
     if (key == NULL)
         return 1;
 
-    B = OPENSSL_malloc(Blen + Vlen);
+    B = OPENSSL_malloc(allocsize);
     if (B == NULL)
         return 0;
     X = (uint32_t *)(B + Blen);
@@ -294,7 +301,7 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
     BIO_dump_fp(stderr, (char *)key, keylen);
 #endif
  err:
-    OPENSSL_clear_free(B, Blen + Vlen);
+    OPENSSL_clear_free(B, allocsize);
     return rv;
 }
 #endif
diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod
index 066f1e6..e3fa4c0 100644
--- a/doc/apps/ciphers.pod
+++ b/doc/apps/ciphers.pod
@@ -280,6 +280,10 @@ while B<AESCCM8> only references 8 octet ICV.
 cipher suites using 128 bit CAMELLIA, 256 bit CAMELLIA or either 128 or 256 bit
 CAMELLIA.
 
+=item B<CHACHA20>
+
+cipher suites using ChaCha20.
+
 =item B<3DES>
 
 cipher suites using triple DES.
@@ -657,6 +661,16 @@ Note: these ciphers can also be used in SSL v3.
  DHE_PSK_WITH_AES_128_CCM_8                DHE-PSK-AES128-CCM8
  DHE_PSK_WITH_AES_256_CCM_8                DHE-PSK-AES256-CCM8
 
+=head2 ChaCha20-Poly1305 cipher suites from draft-ietf-tls-chacha20-poly1305-04, extending TLS v1.2
+
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256      ECDHE-RSA-CHACHA20-POLY1305
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256    ECDHE-ECDSA-CHACHA20-POLY1305
+ TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256        DHE-RSA-CHACHA20-POLY1305
+ TLS_PSK_WITH_CHACHA20_POLY1305_SHA256            PSK-CHACHA20-POLY1305
+ TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256      ECDHE-PSK-CHACHA20-POLY1305
+ TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256        DHE-PSK-CHACHA20-POLY1305
+ TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256        RSA-PSK-CHACHA20-POLY1305
+
 =head1 NOTES
 
 Some compiled versions of OpenSSL may not include all the ciphers
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index ecefc79..8843c41 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -375,8 +375,8 @@ static const SSL_CIPHER cipher_aliases[] = {
      0, 0},
     {0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128, 0, 0, 0, 0, 0, 0},
     {0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_CAMELLIA, 0, 0, 0, SSL_CAMELLIA128 | SSL_CAMELLIA256, 0, 0, 0,
-     0, 0, 0},
+    {0, SSL_TXT_CAMELLIA, 0, 0, 0, SSL_CAMELLIA, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_CHACHA20, 0, 0, 0, SSL_CHACHA20, 0, 0, 0, 0, 0, 0 },
 
     /* MAC aliases */
     {0, SSL_TXT_MD5, 0, 0, 0, 0, SSL_MD5, 0, 0, 0, 0, 0},
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index b505309..f10570b 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -364,6 +364,7 @@
 
 # define SSL_AES                 (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM|SSL_AES128CCM|SSL_AES256CCM|SSL_AES128CCM8|SSL_AES256CCM8)
 # define SSL_CAMELLIA            (SSL_CAMELLIA128|SSL_CAMELLIA256)
+# define SSL_CHACHA20            (SSL_CHACHA20POLY1305)
 
 /* Bits for algorithm_mac (symmetric authentication) */

More information about the openssl-commits mailing list