Coverity Scan: Analysis completed for openssl/openssl
Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3D_H6I_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeGBILITH0oBfveau-2B895AfNKLoUhEU-2FiAtlsRo2wxsedhnaMEebK867TQytxhEYQXO-2FNgflK416N-2Fsy1LxH0zrldR8dis9-2F-2FskPihaoi2IxXEmpMdmXN5XY-2Bk7sxnDxIQtV-2FbqfSvcZjBmjrI9iAThdDDIe2jLykS50nGgAmy6EBnjljts9kmShEXLizsP-2FLUM-3D Build ID: 493096 Analysis Summary: New defects found: 0 Defects eliminated: 0
[openssl/openssl] 9270f6: demos/mac/cmac-aes256: Clarify the cipher algorith...
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 9270f67059e0291a2ef73acfba5a4ac54f732ef9 https://github.com/openssl/openssl/commit/9270f67059e0291a2ef73acfba5a4ac54f732ef9 Author: Tomas Mraz Date: 2022-11-11 (Fri, 11 Nov 2022) Changed paths: M demos/mac/cmac-aes256.c Log Message: --- demos/mac/cmac-aes256: Clarify the cipher algorithm used The currently used cipher is aes256 which is an alias to AES-256-CBC, so the demo is correct. However it might be misleading so make it clear the CBC mode cipher is used. Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19401) Commit: 94976a1e8d9b127999df14c2e0c38e918c2badda https://github.com/openssl/openssl/commit/94976a1e8d9b127999df14c2e0c38e918c2badda Author: Tomas Mraz Date: 2022-11-11 (Fri, 11 Nov 2022) Changed paths: M doc/man7/EVP_MAC-CMAC.pod M providers/implementations/macs/cmac_prov.c M test/recipes/30-test_evp_data/evpmac_common.txt Log Message: --- cmac_set_ctx_params(): Fail if cipher mode is not CBC Also add negative test cases for CMAC and GMAC using a cipher with wrong mode. Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19401) Commit: a0783b83a3bd05a07ea64567995c7642621b4aa6 https://github.com/openssl/openssl/commit/a0783b83a3bd05a07ea64567995c7642621b4aa6 Author: Tomas Mraz Date: 2022-11-11 (Fri, 11 Nov 2022) Changed paths: M test/evp_extra_test.c Log Message: --- test_CMAC_keygen(): Avoid using ECB cipher with CMAC Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19401) Compare: https://github.com/openssl/openssl/compare/10119e7475bb...a0783b83a3bd
[openssl/openssl] 66c4f1: demos/mac/cmac-aes256: Clarify the cipher algorith...
Branch: refs/heads/openssl-3.1 Home: https://github.com/openssl/openssl Commit: 66c4f141369f29b61159a9f77e33e15b9d1c6638 https://github.com/openssl/openssl/commit/66c4f141369f29b61159a9f77e33e15b9d1c6638 Author: Tomas Mraz Date: 2022-11-11 (Fri, 11 Nov 2022) Changed paths: M demos/mac/cmac-aes256.c Log Message: --- demos/mac/cmac-aes256: Clarify the cipher algorithm used The currently used cipher is aes256 which is an alias to AES-256-CBC, so the demo is correct. However it might be misleading so make it clear the CBC mode cipher is used. Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19401) (cherry picked from commit 9270f67059e0291a2ef73acfba5a4ac54f732ef9) Commit: d90a4c7d5a18300153340a6d54e7aba03eebe268 https://github.com/openssl/openssl/commit/d90a4c7d5a18300153340a6d54e7aba03eebe268 Author: Tomas Mraz Date: 2022-11-11 (Fri, 11 Nov 2022) Changed paths: M doc/man7/EVP_MAC-CMAC.pod M providers/implementations/macs/cmac_prov.c M test/recipes/30-test_evp_data/evpmac_common.txt Log Message: --- cmac_set_ctx_params(): Fail if cipher mode is not CBC Also add negative test cases for CMAC and GMAC using a cipher with wrong mode. Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19401) (cherry picked from commit 94976a1e8d9b127999df14c2e0c38e918c2badda) Commit: 66ecce223cedb46e7b56fcce0a1e9b3b09ee8ae5 https://github.com/openssl/openssl/commit/66ecce223cedb46e7b56fcce0a1e9b3b09ee8ae5 Author: Tomas Mraz Date: 2022-11-11 (Fri, 11 Nov 2022) Changed paths: M test/evp_extra_test.c Log Message: --- test_CMAC_keygen(): Avoid using ECB cipher with CMAC Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19401) (cherry picked from commit a0783b83a3bd05a07ea64567995c7642621b4aa6) Compare: https://github.com/openssl/openssl/compare/985eb23fbf83...66ecce223ced
[openssl/openssl] 729295: Use libctx when generating DH parameters
Branch: refs/heads/openssl-3.1 Home: https://github.com/openssl/openssl Commit: 729295023af4598efa6ce5b4ead0dab73345816c https://github.com/openssl/openssl/commit/729295023af4598efa6ce5b4ead0dab73345816c Author: Tomas Mraz Date: 2022-11-11 (Fri, 11 Nov 2022) Changed paths: M crypto/dh/dh_gen.c Log Message: --- Use libctx when generating DH parameters Reviewed-by: Dmitry Belyavskiy Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/19635) (cherry picked from commit 990d280da95d3c955b86f38b01f5b95ea88d42bb) Commit: 985eb23fbf83c1b83ca13798a9c84c8abfe7edc9 https://github.com/openssl/openssl/commit/985eb23fbf83c1b83ca13798a9c84c8abfe7edc9 Author: Tomas Mraz Date: 2022-11-11 (Fri, 11 Nov 2022) Changed paths: M test/evp_extra_test2.c Log Message: --- Add test for generating safeprime DH parameters Reviewed-by: Dmitry Belyavskiy Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/19635) (cherry picked from commit 10119e7475bb198e13b1722b186303b8a7528dfe) Compare: https://github.com/openssl/openssl/compare/c6fb30f488f6...985eb23fbf83
[openssl/openssl] 0f68f5: Use libctx when generating DH parameters
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: 0f68f59dd4517fd462aad6432401167e1086d833 https://github.com/openssl/openssl/commit/0f68f59dd4517fd462aad6432401167e1086d833 Author: Tomas Mraz Date: 2022-11-11 (Fri, 11 Nov 2022) Changed paths: M crypto/dh/dh_gen.c Log Message: --- Use libctx when generating DH parameters Reviewed-by: Dmitry Belyavskiy Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/19635) (cherry picked from commit 990d280da95d3c955b86f38b01f5b95ea88d42bb) Commit: b697ae10287f1bf6ee3cb2af256096f11f520d21 https://github.com/openssl/openssl/commit/b697ae10287f1bf6ee3cb2af256096f11f520d21 Author: Tomas Mraz Date: 2022-11-11 (Fri, 11 Nov 2022) Changed paths: M test/evp_extra_test2.c Log Message: --- Add test for generating safeprime DH parameters Reviewed-by: Dmitry Belyavskiy Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/19635) (cherry picked from commit 10119e7475bb198e13b1722b186303b8a7528dfe) Compare: https://github.com/openssl/openssl/compare/2fee530c86d5...b697ae10287f
[openssl/openssl] 990d28: Use libctx when generating DH parameters
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 990d280da95d3c955b86f38b01f5b95ea88d42bb https://github.com/openssl/openssl/commit/990d280da95d3c955b86f38b01f5b95ea88d42bb Author: Tomas Mraz Date: 2022-11-11 (Fri, 11 Nov 2022) Changed paths: M crypto/dh/dh_gen.c Log Message: --- Use libctx when generating DH parameters Reviewed-by: Dmitry Belyavskiy Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/19635) Commit: 10119e7475bb198e13b1722b186303b8a7528dfe https://github.com/openssl/openssl/commit/10119e7475bb198e13b1722b186303b8a7528dfe Author: Tomas Mraz Date: 2022-11-11 (Fri, 11 Nov 2022) Changed paths: M test/evp_extra_test2.c Log Message: --- Add test for generating safeprime DH parameters Reviewed-by: Dmitry Belyavskiy Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/19635) Compare: https://github.com/openssl/openssl/compare/8aa82b337081...10119e7475bb
[openssl/openssl] a2bdca: AES-GCM performance optimzation with stitched meth...
Branch: refs/heads/openssl-3.1 Home: https://github.com/openssl/openssl Commit: a2bdca6fe666c3a0a13e7f0a51626715608f8597 https://github.com/openssl/openssl/commit/a2bdca6fe666c3a0a13e7f0a51626715608f8597 Author: Danny Tsen Date: 2022-11-11 (Fri, 11 Nov 2022) Changed paths: A crypto/modes/asm/aes-gcm-ppc.pl M crypto/modes/build.info M include/crypto/aes_platform.h M providers/implementations/ciphers/cipher_aes_gcm_hw.c A providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc Log Message: --- AES-GCM performance optimzation with stitched method for p9+ ppc64le Assembly code reviewed by Shricharan Srivatsan Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/16854) (cherry picked from commit 44a563dde1584cd9284e80b6e45ee5019be8d36c) Commit: 34ca334e5de6837f2c6bc0b0b0df28bdd237e4d7 https://github.com/openssl/openssl/commit/34ca334e5de6837f2c6bc0b0b0df28bdd237e4d7 Author: XiaokangQian Date: 2022-11-11 (Fri, 11 Nov 2022) Changed paths: M crypto/arm64cpuid.pl M crypto/arm_arch.h M crypto/armcap.c A crypto/modes/asm/aes-gcm-armv8-unroll8_64.pl M crypto/modes/asm/ghashv8-armx.pl M crypto/modes/build.info M include/crypto/aes_platform.h M providers/implementations/ciphers/cipher_aes_gcm_hw_armv8.inc Log Message: --- Optimize AES-GCM for uarchs with unroll and new instructions Increase the block numbers to 8 for every iteration. Increase the hash table capacity. Make use of EOR3 instruction to improve the performance. This can improve performance 25-40% on out-of-order microarchitectures with a large number of fast execution units, such as Neoverse V1. We also see 20-30% performance improvements on other architectures such as the M1. Assembly code reviewd by Tom Cosgrove (ARM). Reviewed-by: Bernd Edlinger Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/15916) (cherry picked from commit 954f45ba4c504570206ff5bed811e512cf92dc8e) Commit: e8f1d76b50204d87a0ef7f6879eb1dd507a54368 https://github.com/openssl/openssl/commit/e8f1d76b50204d87a0ef7f6879eb1dd507a54368 Author: Juergen Christ Date: 2022-11-11 (Fri, 11 Nov 2022) Changed paths: M test/params_api_test.c Log Message: --- Fix endianness problem in params_api_test On a big endian machine, we get test failures in params_api_test like # ERROR: (memory) 'buf1 == buf2' failed @ test/params_api_test.c:473 # --- buf1 # +++ buf2 # :-e901 # :+01e9 # # # OPENSSL_TEST_RAND_ORDER=1643313367 not ok 157 - iteration 3 They are due to an additional conversion copy. Remove this copy to solve the problem. Signed-off-by: Juergen Christ Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17608) (cherry picked from commit 9927749ec2b8fc4b6146f0bd54cb6a44b8295974) Commit: bc15591d7d36f0c8c9979057da489203c9aa3663 https://github.com/openssl/openssl/commit/bc15591d7d36f0c8c9979057da489203c9aa3663 Author: Patrick Uiterwijk Date: 2022-11-11 (Fri, 11 Nov 2022) Changed paths: M doc/man7/EVP_KDF-KB.pod M include/openssl/core_names.h M providers/implementations/kdfs/kbkdf.c M test/evp_kdf_test.c M test/evp_test.c M test/recipes/30-test_evp.t A test/recipes/30-test_evp_data/evpkdf_kbkdf_counter.txt Log Message: --- Support different R_BITS lengths for KBKDF Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17063) (cherry picked from commit 0e9a265e42890699dfce82f1ff6905de6aafbd41) Commit: a262d4ff1816159686d9e95ee79f0b2a5cf596b6 https://github.com/openssl/openssl/commit/a262d4ff1816159686d9e95ee79f0b2a5cf596b6 Author: Pauli Date: 2022-11-11 (Fri, 11 Nov 2022) Changed paths: M providers/common/include/prov/provider_util.h M providers/common/provider_util.c Log Message: --- prov: add a safe memdup function for context cloning Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/17572) (cherry picked from commit 5b030ec0800d4ad6022ecd00e18a19f77ada0b04) Reviewed-by: Hugo Landau Commit: f46befd667e808df56b6351e3056025503badf85 https://github.com/openssl/openssl/commit/f46befd667e808df56b6351e3056025503badf85 Author: Pauli Date: 2022-11-11 (Fri, 11 Nov 2022) Changed paths: M test/evp_test.c Log Message: --- evp_test: add a ctx dup operation to the KDF tests Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/17572) (cherry picked from commit c8adf19d2da318cd7b007753d6c8a7f9dc94d4ed) Reviewed-by: Hugo Landau Commit: 34d2a072a9cd85e72a118fa831f2dfd5d07854c4