YuOpenSSL is a Delphi port of the OpenSSL cryptography and SSL/TSL library. All code is statically compiled into applications. OpenSSL DLLs are not needed. Over 5000 functions, procedures, constants, and types are ready to use in a single Delphi unit.
BN_mod_sqrt
function that can cause it to loop forever for non-prime moduli (CVE-2022-0778). Vulnerable situations include:BN_mod_sqrt
where the attacker can control the parameter values are vulnerable to this DoS issue.ENGINE_…
constants.PKCS7_…
types.GENERAL_NAME_cmp
(CVE-2020-1971).EVP_VerifyInit
, EVP_VerifyInit_ex
, and EVP_VerifyUpdate
, ported from OpenSSL macros.