* Fixed a bug where the RC4-MD5 ciphersuite incorrectly used the
AAD data as the MAC key ([CVE-2022-1434])
* Fix a bug in the OPENSSL_LH_flush() function that breaks reuse of the memory
- occuppied by the removed hash table entries ([CVE-2022-1473])
+ occupied by the removed hash table entries ([CVE-2022-1473])
### Major changes between OpenSSL 3.0.1 and OpenSSL 3.0.2 [15 Mar 2022]
=item I<recipient-cert> ...
This is an alternative to using the B<-recip> option when encrypting a message.
-One or more certificate filennames may be given.
+One or more certificate filenames may be given.
=item B<-I<cipher>>
supporting APIs for cryptography related standards, e.g. for reading and writing
digital certificates (also known as X.509 certificates). Finally it also
supplies various additional supporting APIs that are not directly cryptography
-related but are nonetheless useful and dependended upon by other APIs. For
+related but are nonetheless useful and depended upon by other APIs. For
example the "BIO" functions provide capabilities for abstracting I/O, e.g. via a
file or over a network.
The C<libssl> library provides functions to perform secure communication between
-two peers across a network. Most signficiantly it implements support for the
+two peers across a network. Most significantly it implements support for the
SSL/TLS, DTLS and QUIC standards.
The C<libssl> library depends on and uses many of the capabilities supplied by
if (drbg->lock != NULL && !CRYPTO_THREAD_read_lock(drbg->lock))
return 0;
- PROV_DRBG_VERYIFY_ZEROIZATION(ctr->K);
- PROV_DRBG_VERYIFY_ZEROIZATION(ctr->V);
- PROV_DRBG_VERYIFY_ZEROIZATION(ctr->bltmp);
- PROV_DRBG_VERYIFY_ZEROIZATION(ctr->KX);
+ PROV_DRBG_VERIFY_ZEROIZATION(ctr->K);
+ PROV_DRBG_VERIFY_ZEROIZATION(ctr->V);
+ PROV_DRBG_VERIFY_ZEROIZATION(ctr->bltmp);
+ PROV_DRBG_VERIFY_ZEROIZATION(ctr->KX);
if (ctr->bltmp_pos != 0)
goto err;
if (drbg->lock != NULL && !CRYPTO_THREAD_read_lock(drbg->lock))
return 0;
- PROV_DRBG_VERYIFY_ZEROIZATION(hash->V);
- PROV_DRBG_VERYIFY_ZEROIZATION(hash->C);
- PROV_DRBG_VERYIFY_ZEROIZATION(hash->vtmp);
+ PROV_DRBG_VERIFY_ZEROIZATION(hash->V);
+ PROV_DRBG_VERIFY_ZEROIZATION(hash->C);
+ PROV_DRBG_VERIFY_ZEROIZATION(hash->vtmp);
ret = 1;
err:
if (drbg->lock != NULL && !CRYPTO_THREAD_read_lock(drbg->lock))
return 0;
- PROV_DRBG_VERYIFY_ZEROIZATION(hmac->K);
- PROV_DRBG_VERYIFY_ZEROIZATION(hmac->V);
+ PROV_DRBG_VERIFY_ZEROIZATION(hmac->K);
+ PROV_DRBG_VERIFY_ZEROIZATION(hmac->V);
ret = 1;
err:
OSSL_FUNC_rand_clear_seed_fn ossl_drbg_clear_seed;
/* Verify that an array of numeric values is all zero */
-#define PROV_DRBG_VERYIFY_ZEROIZATION(v) \
+#define PROV_DRBG_VERIFY_ZEROIZATION(v) \
{ \
size_t i; \
\
* b2 must equal b1 (validated unless ACCEPT_MOVING_WRITE_BUFFER)
* l2 must equal l1 (always validated)
* append into sstream from [b2 + aon_buf_pos, b2 + aon_buf_len)
- * if done, aon_write_in_progess=0
+ * if done, aon_write_in_progress=0
*
*/
/* Is an AON write in progress? */
*/
/*
- * SRP is deprecated and there is no replacent. When SRP is removed, the code in
- * this file can be removed too. Until then we have to use the deprecated APIs.
+ * SRP is deprecated and there is no replacement. When SRP is removed,
+ * the code in this file can be removed too. Until then we have to use
+ * the deprecated APIs.
*/
#define OPENSSL_SUPPRESS_DEPRECATED
/*
* Output a failed test first line.
- * All items are optional are generally not preinted if passed as NULL.
+ * All items are optional are generally not printed if passed as NULL.
* The special cases are for prefix where "ERROR" is assumed and for left
* and right where a non-failure message is produced if either is NULL.
*/
projects / thirdparty / openssl.git / commitdiff
