EVP_DecodeUpdate() should not produce zeros for input padding `=` signs to avoid writing to non-allocated memory regions.
To achieve this:
- Add `eof` parameter to `evp_decodeblock_int` function in `openssl/crypto/evp`. The parameter should either contain the number of the input padding characters to ignore or `-1` if the function has to count them.
- Use precalculated `eof` in `EVP_DecodeUpdate` to fix its behaviour.
- Use `eof = -1` in `EVP_DecodeFinal` to count it in `evp_decodeblock_int`.
- Do not ignore padding in `EVP_DecodeBlock` (`eof = 0`) because it should write padding zeros according to the documentation.
- Add the HISTORY section to EVP_EncodeInit documentation to describe the fix.
Other changes:
- Update AUTHORS.md
- Update the copyright date in the documentation.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26678)
- When used as KEMs in TLS the ECDHE algorithms are NOT subjected to
HPKE Extract/Expand key derivation. Instead the TLS HKDF is used
as usual.
- Consequently these KEMs are just the usual ECDHE key exchange
operations, be it with the encap ECDH private key unavoidably
ephemeral.
- A new "MLX" KEM provider is added that supports four hybrids of EC/ECX
DH with ML-KEM:
* ML-KEM-768 + X25519
* ML-KEM-1024 + X448
* P-256 + ML-KEM-768
* P-384 + ML-KEM-1024
- Support listing of implemented TLS groups.
The SSL_CTX_get0_implemented_groups() function and new
`openssl list -tls-groups` and `openssl list -all-tls-groups`
commands make it possible to determine which groups are
implemented by the SSL library for a particular TLS version
or range of versions matching an SSL_CTX.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26220)
The goal is to transform the standard documents
README, INSTALL, SUPPORT, CONTRIBUTING, ...
from a pure text format into markdown format, but in such a way
that the documentation remains nicely formatted an easy readable
when viewed with an normal text editor.
To achieve this goal, we use a special form of 'minimalistic' markdown
which interferes as little as possible with the reading flow.
* avoid [ATX headings][] and use [setext headings][] instead
(works for `<h1>` and `<h2>` headings only).
* avoid [inline links][] and use [reference links][] instead.
* avoid [fenced code blocks][], use [indented-code-blocks][] instead.
The transformation will take place in several steps. This commit
introduces mostly changes the formatting and does not chang the
content significantly.
[ATX headings]: https://github.github.com/gfm/#atx-headings
[setext headings]: https://github.github.com/gfm/#setext-headings
[inline links]: https://github.github.com/gfm/#inline-link
[reference links]: https://github.github.com/gfm/#reference-link
[fenced code blocks]: https://github.github.com/gfm/#fenced-code-blocks
[indented code blocks]: https://github.github.com/gfm/#indented-code-blocks
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10545)
In the first step, we just add the .md extension and move some
files around, without changing any content. These changes will
occur in the following commits.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10545)
