generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
11,759 Commits 16 Branches 258 Tags
Commit Graph

19 Commits

Author SHA1 Message Date
Matt Caswell
1a3701f4fe Sanity check EVP_CTRL_AEAD_TLS_AAD 
The various implementations of EVP_CTRL_AEAD_TLS_AAD expect a buffer of at
least 13 bytes long. Add sanity checks to ensure that the length is at
least that. Also add a new constant (EVP_AEAD_TLS1_AAD_LEN) to evp.h to
represent this length. Thanks to Kevin Wojtysiak (Int3 Solutions) and
Paramjot Oberoi (Int3 Solutions) for reporting this issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit c8269881093324b881b81472be037055571f73f3)

Conflicts:
	ssl/record/ssl3_record.c
 2015-04-30 23:21:50 +01:00
Matt Caswell
ae5c8664e5 Run util/openssl-format-source -v -c . 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:31:38 +00:00
Matt Caswell
f3b6ee30f4 Move more comments that confuse indent 
Conflicts:
	crypto/dsa/dsa.h
	demos/engines/ibmca/hw_ibmca.c
	ssl/ssl_locl.h

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:28:49 +00:00
Andy Polyakov
b698c427de crypto/evp/e_aes_cbc_hmac_sha[1|256].c: fix compiler warnings. 
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 2893a302a9b6a70161d1859d985a52af11b2195d)
 2014-08-20 22:20:21 +02:00
Felix Laurie von Massenbach
6657e68bf2 Fix shadow declaration. 
(cherry picked from commit 1f61d8b5b1bda282015236fe9860d2f6de127356)
 2014-06-17 18:36:48 +01:00
Andy Polyakov
79b960c046 evp/e_aes_cbc_sha[1|256].c: fix -DPEDANTIC build. 
(cherry picked from commit ce00c64df9eb78402950e179b54e7745210b04f2)
 2014-06-14 23:16:29 +02:00
Andy Polyakov
aff78bb39a ssl/s3_pkt.c: detect RAND_bytes error in multi-block. 
(cherry picked from commit 701134320a94908d8c0ac513741cab41e215a7b5)
 2014-02-14 17:45:33 +01:00
Andy Polyakov
fcc6f699e3 evp/e_aes_cbc_hmac_sha*.c: improve cache locality. 
(cherry picked from commit 9587429fa07a34066107e926fbc8708220f058fa)
 2014-02-13 14:41:10 +01:00
Andy Polyakov
41cf2d2518 evp/e_aes_cbc_hmac_sha[1|256].c: add multi-block implementations [from master]. 2014-02-05 19:52:38 +01:00
Andy Polyakov
dd1e4fbcc0 e_aes_cbc_hmac_sha1.c: fix rare bad record mac on AES-NI plaforms. 
PR: 3002
(cherry picked from commit 5c60046553716fcf160718f59160493194f212dc)
 2013-03-18 19:35:20 +01:00
Andy Polyakov
82425f2c28 e_aes_cbc_hmac_sha1.c: align calculated MAC at cache line. 
It also ensures that valgring is happy.
(cherry picked from commit 2141e6f30b1fd2906830fd23d8eae71fe72acc47)
 2013-02-08 10:35:02 +01:00
Andy Polyakov
af010edd55 e_aes_cbc_hmac_sha1.c: cleanse temporary copy of HMAC secret. 
(cherry picked from commit 529d27ea472fc2c7ba9190a15a58cb84012d4ec6)
 2013-02-06 13:56:15 +00:00
Andy Polyakov
5966f4d973 e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues. 
Address CBC decrypt timing issues and reenable the AESNI+SHA1 stitch.
(cherry picked from commit 125093b59f3c2a2d33785b5563d929d0472f1721)
 2013-02-06 13:56:15 +00:00
Dr. Stephen Henson
e51ec51af9 revert more "version skew" changes that break FIPS builds 2012-06-10 23:02:06 +00:00
Ben Laurie
68d2cf51bc Reduce version skew: trivia (I hope). 2012-06-03 22:03:37 +00:00
Andy Polyakov
eb8a65db16 e_aes_cbc_hmac_sha1.c: handle zero-length payload and engage empty frag 
countermeasure [from HEAD].

PR: 2778
 2012-04-15 14:23:26 +00:00
Dr. Stephen Henson
7b23c126e6 undef some symbols that cause problems with make depend for fips builds 2012-01-18 01:40:36 +00:00
Dr. Stephen Henson
7d453a3b49 Fix warnings (from HEAD). 2011-09-10 21:18:37 +00:00
Andy Polyakov
84e7485bfb Add RC4-MD5 and AESNI-SHA1 "stitched" implementations [from HEAD]. 2011-08-23 20:53:34 +00:00