f86acc9434
EVP_DecodeUpdate() should not produce zeros for input padding `=` signs to avoid writing to non-allocated memory regions. To achieve this: - Add `eof` parameter to `evp_decodeblock_int` function in `openssl/crypto/evp`. The parameter should either contain the number of the input padding characters to ignore or `-1` if the function has to count them. - Use precalculated `eof` in `EVP_DecodeUpdate` to fix its behaviour. - Use `eof = -1` in `EVP_DecodeFinal` to count it in `evp_decodeblock_int`. - Do not ignore padding in `EVP_DecodeBlock` (`eof = 0`) because it should write padding zeros according to the documentation. - Add the HISTORY section to EVP_EncodeInit documentation to describe the fix. Other changes: - Update AUTHORS.md - Update the copyright date in the documentation. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/26678) |
||
|---|---|---|
| .. | ||
| designs | ||
| HOWTO | ||
| images | ||
| internal | ||
| life-cycles | ||
| man1 | ||
| man3 | ||
| man5 | ||
| man7 | ||
| build.info | ||
| build.info.in | ||
| dir-locals.example.el | ||
| fingerprints.txt | ||
| openssl-c-indent.el | ||
| perlvars.pm | ||
| README.md | ||
OpenSSL Documentation
README.md This file
fingerprints.txt PGP fingerprints of authorised release signers
standards.txt standards.txt Moved to the web, https://www.openssl.org/docs/standards.html
HOWTO/ A few how-to documents; not necessarily up-to-date
man1/ The openssl command-line tools; start with openssl.pod
man3/ The SSL library and the crypto library
man5/ File formats
man7/ Overviews; start with crypto.pod and ssl.pod, for example Algorithm specific EVP_PKEY documentation.
Formatted versions of the manpages (apps,ssl,crypto) can be found at https://www.openssl.org/docs/manpages.html