However, on teardown, OpenSSL's engine_free_util() is invoking engine_pkey_meths_free() and engine_pkey_asn1_meths_free(). Both of which iterate the list of registered methods, and invoke EVP_PKEY_meth_free() on each on of them. Only after OpenSSL freed these methods it calls the...
Under low memory a crash was observed with openssl-1.0.2j: I think the reason is that pmeth->init fails in int_ctx_new or pmeth->copy fails in EVP_PKEY_CTX_dup due to OOM, calling pmeth->cleanup can crash. As a workaround set pmeth to zero before calling EVP_PKEY_CTX_free ...
+ EVP_PKEY_free(pkey); + _cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Unable to create X.509 certificate."), 1); + return (0); + } + + curtime = time(NULL); + + notBefore = ASN1_TIME_new(); + ASN1_TIME_set(notBefore, curtime); + X509_set_notBefore(cert,...
A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when ...
Used as part of the TLS key establishment protocol EVP_PKEY_free() FIPS_drbg_free() FIPS_drbg_free() SSL_free(), SSL_clear() Table 10: CSP Table Oracle Linux 7 OpenSSL Cryptographic Module Security Policy Page 22 of 35 8.1 Random Number Generation The module employs the Deterministic ...
o Enhanced EVP interface. [1] The support for external crypto devices is currently a separate distribution. See the file README.ENGINE. Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a [1 Apr 2000]: o Bug fixes for Win32, SuSE Linux, NeXTSTEP and FreeBSD 2.2.8 ...
对应的是rsa算法的公钥部分if(!RSA_set0_key(rsa,n,e,NULL)){LOG_ERROR(Tag,"RSA_set0_key(rsa, n, e, NULL)");gotoend;}n=NULL;e=NULL;ret=1;end:BN_free(n);BN_free(e);returnret;}staticintskf_load_rsa_client_cert(X509**pcert,EVP_PKEY**ppkey){constchar*operation="load rsa ...
The EVP_PKEY_fromdata function has been augmented to allow for the derivation of CRT (Chinese Remainder Theorem) parameters when requested Added API functions SSL_SESSION_get_time_ex(), SSL_SESSION_set_time_ex() using time_t which is Y2038 safe on 32 bit systems when 64 bit time is ena...
The 3.0.6 release has an issue as follows: 05-test_pbe.t ... ok # ERROR: (bool) 'EVP_RAND_generate(z, buf2, sizeof(buf2), 0, 1, NULL, 0) == true' failed @ /home/jenkins/.jenkins/workspace/OpenSSL-3.0_Pipeline/test/drbg...
Patch61: Pass-an-EVP_PKEY-for-SSL_SECOP_TMP_DH-in-the-securit.patch Patch62: Avoid-potential-doublefree-on-dh-object-assigned-to-.patch Patch63: Fix-AES-GCM-bug-on-aarch64-BigEndian.patch Patch64: crypto-poly1305-asm-fix-armv8-pointer-authentication.patch Patch65: Verification-zero...