generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/ssl
History
Emilia Kasper 96e1015eec RT3066: rewrite RSA padding checks to be slightly more constant time. 
Also tweak s3_cbc.c to use new constant-time methods.
Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1

This patch is based on the original RT submission by Adam Langley <agl@chromium.org>,
as well as code from BoringSSL and OpenSSL.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Conflicts:
	crypto/rsa/rsa_oaep.c
2014-09-24 14:39:44 +02:00
..
.cvsignore
Add emacs cache files to .cvsignore.
2005-04-11 14:17:07 +00:00
bio_ssl.c
PR: 2529
2011-05-25 15:15:43 +00:00
d1_both.c
Remove some duplicate DTLS code.
2014-08-06 22:02:00 +01:00
d1_clnt.c
Fix DTLS anonymous EC(DH) denial of service
2014-08-06 22:02:00 +01:00
d1_enc.c
Update DTLS code to match CBC decoding in TLS.
2013-02-05 16:50:33 +00:00
d1_lib.c
Free up s->d1->buffered_app_data.q properly.
2014-06-02 14:40:45 +01:00
d1_meth.c
Initialize SSL_METHOD structures at compile time. This removes the need
2005-08-05 23:52:08 +00:00
d1_pkt.c
DTLS message_sequence number wrong in rehandshake ServerHello
2013-08-13 19:00:59 +01:00
d1_srvr.c
Fix DTLS certificate requesting code.
2014-07-15 18:24:14 +01:00
dtls1.h
PR: 2230
2010-04-14 00:17:12 +00:00
install.com
Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda).
2009-05-15 16:37:29 +00:00
kssl_lcl.h
To avoid commit wars over dependencies, let's make it so things that
2001-10-10 07:55:02 +00:00
kssl.c
Submitted by: Tomas Hoger <thoger@redhat.com>
2010-03-03 15:34:11 +00:00
kssl.h
Make kerberos ciphersuite code work with newer header files
2005-04-09 23:55:55 +00:00
Makefile
Constant-time utilities
2014-08-28 17:28:42 +02:00
s2_clnt.c
Add and use a constant-time memcmp.
2013-02-05 16:50:32 +00:00
s2_enc.c
ensure that the EVP_CIPHER_CTX object is initialized
2007-02-16 20:40:07 +00:00
s2_lib.c
Update from HEAD.
2007-01-21 16:07:25 +00:00
s2_meth.c
Initialize SSL_METHOD structures at compile time. This removes the need
2005-08-05 23:52:08 +00:00
s2_pkt.c
Add and use a constant-time memcmp.
2013-02-05 16:50:32 +00:00
s2_srvr.c
Assorted bugfixes:
2011-02-03 12:04:48 +00:00
s3_both.c
Add and use a constant-time memcmp.
2013-02-05 16:50:32 +00:00
s3_cbc.c
RT3066: rewrite RSA padding checks to be slightly more constant time.
2014-09-24 14:39:44 +02:00
s3_clnt.c
Fixed error introduced in commit f2be92b94dad3c6cbdf79d99a324804094cf1617
2014-09-22 06:31:05 +10:00
s3_enc.c
Fix alert handling.
2014-03-27 00:54:16 +00:00
s3_lib.c
Fix compilation with this branch's definition of SSL_CIPHER.
2013-10-04 14:55:01 +01:00
s3_meth.c
Initialize SSL_METHOD structures at compile time. This removes the need
2005-08-05 23:52:08 +00:00
s3_pkt.c
RT3060: Limit the number of empty records.
2014-08-22 15:53:34 +02:00
s3_srvr.c
Don't limit message sizes in ssl3_get_cert_verify.
2014-07-05 13:32:40 +01:00
s23_clnt.c
Fix alert handling.
2014-03-27 00:54:16 +00:00
s23_lib.c
Fix ECC SSLv2 exclusion on OpenSSL 0.9.8.
2014-07-07 13:00:07 +01:00
s23_meth.c
make "./configure no-ssl2" work again
2006-01-15 16:57:01 +00:00
s23_pkt.c
Reorder inclusion of header files:
2002-07-10 07:01:54 +00:00
s23_srvr.c
Fix protocol downgrade bug in case of fragmented packets
2014-08-06 22:02:00 +01:00
ssl2.h
Implement msg_callback for SSL 2.0.
2001-11-10 01:16:28 +00:00
ssl3.h
Fix for CVE-2014-0224
2014-06-03 16:30:23 +01:00
ssl23.h
Import of old SSLeay release: SSLeay 0.9.0b
1998-12-21 10:56:39 +00:00
ssl_algs.c
Add SHA2 algorithms to SSL_library_init(). Although these aren't used
2010-04-07 13:19:48 +00:00
ssl_asn1.c
Fix gcc 4.6 warnings. Check TLS server hello extension length.
2010-06-12 13:18:58 +00:00
ssl_cert.c
PR: 1731 and maybe 2197
2010-03-24 23:16:35 +00:00
ssl_ciph.c
Fix off-by-one errors in ssl_cipher_get_evp()
2014-06-22 23:26:33 +01:00
ssl_err2.c
Use new-style system-id macros everywhere possible. I hope I haven't
2001-02-20 08:13:47 +00:00
ssl_err.c
Fix alert handling.
2014-03-27 00:54:16 +00:00
ssl_lib.c
Check sk_SSL_CIPHER_num() after assigning sk.
2014-05-12 23:07:44 +01:00
ssl_locl.h
ssl/*: remove SSL3_RECORD->orig_len to restore binary compatibility.
2013-02-07 15:03:00 +00:00
ssl_rsa.c
PR: 1411
2009-09-12 23:09:59 +00:00
ssl_sess.c
PR: 2160
2010-02-01 16:48:40 +00:00
ssl_stat.c
Don't disable state strings with no-ssl2
2014-06-28 00:57:18 +01:00
ssl_task.c
Security fixes brought forward from 0.9.7.
2002-11-13 15:43:43 +00:00
ssl_txt.c
Add strings for DTLS protocol versions
2010-01-16 19:02:43 +00:00
ssl-lib.com
Add t1_reneg to the VMS build.
2010-02-22 07:05:24 +00:00
ssl.h
Fix alert handling.
2014-03-27 00:54:16 +00:00
ssltest.c
Fix in ssltest is no-ssl2 configured
2013-02-11 18:27:33 +00:00
t1_clnt.c
Initialize SSL_METHOD structures at compile time. This removes the need
2005-08-05 23:52:08 +00:00
t1_enc.c
Fix for non compilation with TLS_DEBUG defined
2014-05-25 00:02:38 +01:00
t1_lib.c
Fix memory leak.
2014-06-29 13:54:21 +01:00
t1_meth.c
Initialize SSL_METHOD structures at compile time. This removes the need
2005-08-05 23:52:08 +00:00
t1_reneg.c
Update RI to match latest spec.
2009-12-27 23:03:40 +00:00
t1_srvr.c
Initialize SSL_METHOD structures at compile time. This removes the need
2005-08-05 23:52:08 +00:00
tls1.h
Backport TLS 1.1/1.2 #defines
2013-10-04 14:55:01 +01:00