generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/crypto
History
Emilia Kasper 9bed73adaa RT3066: rewrite RSA padding checks to be slightly more constant time. 
Also tweak s3_cbc.c to use new constant-time methods.
Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1

This patch is based on the original RT submission by Adam Langley <agl@chromium.org>,
as well as code from BoringSSL and OpenSSL.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Conflicts:
	crypto/rsa/rsa_oaep.c
	crypto/rsa/rsa_pk1.c
	ssl/s3_cbc.c
2014-09-24 12:47:19 +02:00
..
aes
x86[_64] assembly pack: add Silvermont performance data.
2014-08-30 19:14:49 +02:00
asn1
Add i2d_re_X509_tbs
2014-09-23 18:20:26 +02:00
bf
Remove hard coded ecdsaWithSHA1 hack in ssl routines and check for RSA
2011-08-14 13:47:30 +00:00
bio
Fix memory leak in BIO_free if there is no destroy function.
2014-07-09 23:32:18 +01:00
bn
Harmonize Tru64 and Linux make rules.
2014-09-20 10:22:13 +02:00
buffer
Check length first in BUF_strnlen().
2014-05-22 10:12:10 +01:00
camellia
camellia/asm/cmll-x86_64.pl: fix symptomless bugs (update from master).
2014-02-01 23:14:33 +01:00
cast
Please Clang's sanitizer.
2014-07-09 22:45:38 +02:00
cmac
oops, macro not present in OpenSSL 1.0.2
2012-04-11 15:10:48 +00:00
cms
Don't clean up uninitialised EVP_CIPHER_CTX on error (CID 483259).
2014-07-10 17:49:53 +01:00
comp
Assorted bugfixes:
2011-02-03 12:03:57 +00:00
conf
Prevent infinite loop loading config files.
2014-07-07 13:54:11 +01:00
des
SPARC T4 assembly pack: treat zero input length in CBC.
2014-03-07 10:48:51 +01:00
dh
dh_check.c: check BN_CTX_get's return value.
2014-03-06 14:21:17 +01:00
dsa
RT3192: spurious error in DSA verify
2014-09-09 17:10:57 -04:00
dso
Fix a wrong parameter count ERR_add_error_data
2014-05-19 22:15:27 +01:00
ec
crypto/ecp_nistz256.c: harmonize error codes.
2014-09-22 00:11:04 +02:00
ecdh
make update
2013-12-01 23:09:44 +00:00
ecdsa
Reserve option to use BN_mod_exp_mont_consttime in ECDSA.
2014-09-22 00:07:44 +02:00
engine
Please Clang's sanitizer, addendum.
2014-07-09 22:45:52 +02:00
err
Don't include comp.h if no-comp set.
2013-01-20 01:10:03 +00:00
evp
Fix build when BSAES_ASM is defined but VPAES_ASM is not
2014-08-21 15:48:10 +02:00
hmac
RT2626: Change default_bits from 1K to 2K
2014-09-08 17:23:37 -04:00
idea
Fix typo in ideatest.c
2014-06-28 00:06:32 +01:00
jpake
RT1771: Add string.h include.
2014-09-08 10:38:08 -04:00
krb5
Further BUILDENV refinement, further fool-proofing of Makefiles and
2005-05-16 16:55:47 +00:00
lhash
Revert lhash patch for PR#2124
2009-12-09 15:00:20 +00:00
md2
Prohibit use of low level digest APIs in FIPS mode.
2011-06-01 13:39:45 +00:00
md4
Fix some clang warnings.
2013-01-13 21:06:36 +00:00
md5
md5-x86_64.pl: work around warning.
2014-08-30 19:18:12 +02:00
mdc2
Reduce version skew: trivia (I hope).
2012-06-03 22:03:37 +00:00
modes
Harmonize Tru64 and Linux make rules.
2014-09-20 10:22:13 +02:00
objects
Fix OID handling:
2014-08-06 20:41:24 +01:00
ocsp
RT2560: missing NULL check in ocsp_req_find_signer
2014-09-10 12:20:15 -04:00
pem
RT3140: Possibly-unit variable in pem_lib.c
2014-09-02 23:38:15 -04:00
perlasm
perlasm/x86_64-xlate.pl: handle inter-bank movd.
2014-09-22 00:07:44 +02:00
pkcs7
Remove ancient obsolete files under pkcs7.
2014-06-27 13:53:23 +01:00
pkcs12
Fix memory leak.
2014-05-29 13:49:50 +01:00
pqueue
RT2308: Add extern "C" { ... } wrapper
2014-08-27 21:45:09 -04:00
rand
RT2301: GetDIBits, not GetBitmapBits in rand_win
2014-09-18 16:42:07 -04:00
rc2
make update
2013-01-15 16:24:07 +00:00
rc4
Please Clang's sanitizer.
2014-07-09 22:45:38 +02:00
rc5
Intel compiler support update from HEAD.
2012-11-28 13:12:09 +00:00
ripemd
Fix some clang warnings.
2013-01-13 21:06:36 +00:00
rsa
RT3066: rewrite RSA padding checks to be slightly more constant time.
2014-09-24 12:47:19 +02:00
seed
Revert "version skew" patches that break FIPS compilation
2012-06-09 23:36:38 +00:00
sha
Harmonize Tru64 and Linux make rules.
2014-09-20 10:22:13 +02:00
srp
Fix SRP buffer overrun vulnerability.
2014-08-06 20:41:24 +01:00
stack
RT2308: Add extern "C" { ... } wrapper
2014-08-27 21:45:09 -04:00
store
Make it possible to disable STORE.
2009-02-19 09:42:51 +00:00
threads
Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda).
2009-05-15 16:37:08 +00:00
ts
Fix double frees.
2014-04-22 17:00:52 +01:00
txt_db
Change STRING to OPENSSL_STRING etc as common words such
2009-07-27 21:08:53 +00:00
ui
* crypto/ui/ui_lib.c: misplaced brace in switch statement.
2014-07-13 19:13:38 +02:00
whrlpool
wp-mmx.pl: ~10% performance improvement.
2014-02-01 22:27:07 +01:00
x509
Add i2d_re_X509_tbs
2014-09-23 18:20:26 +02:00
x509v3
RT3031: Need to #undef some names for win32
2014-09-08 11:06:07 -04:00
.cvsignore
Apply mingw patches as supplied by Roumen Petrov an Alon Bar-Lev
2008-04-17 10:19:16 +00:00
alphacpuid.pl
Alpha assembler fixed from HEAD.
2011-08-12 12:31:08 +00:00
arm64cpuid.S
Add linux-aarch64 taget.
2014-06-10 23:20:55 +02:00
arm_arch.h
Add linux-aarch64 taget.
2014-06-10 23:20:55 +02:00
armcap.c
Add linux-aarch64 taget.
2014-06-10 23:20:55 +02:00
armv4cpuid.S
ARM assembly pack: get ARMv7 instruction endianness right.
2014-06-10 22:51:15 +02:00
constant_time_locl.h
RT3066: rewrite RSA padding checks to be slightly more constant time.
2014-09-24 12:47:19 +02:00
constant_time_test.c
RT3066: rewrite RSA padding checks to be slightly more constant time.
2014-09-24 12:47:19 +02:00
cpt_err.c
Implement FIPS_mode and FIPS_mode_set
2011-05-19 18:19:07 +00:00
cryptlib.c
Avoid Windows 8 Getversion deprecated errors.
2014-02-25 13:41:53 +00:00
cryptlib.h
Reduce version skew: trivia (I hope).
2012-06-03 22:03:37 +00:00
crypto-lib.com
Adjust VMS build to Unix build. Most of all, make it so the disabled
2014-06-18 13:43:09 +02:00
crypto.h
Add and use a constant-time memcmp.
2013-02-06 13:56:12 +00:00
cversion.c
ebcdic.c
ebcdic.h
RT2308: Add extern "C" { ... } wrapper
2014-08-27 21:45:09 -04:00
ex_data.c
Avoid warnings with -pedantic, specifically:
2008-07-04 23:12:52 +00:00
fips_err.h
Update error codes for FIPS.
2011-10-21 13:04:27 +00:00
fips_ers.c
Add FIPS error codes.
2011-06-21 16:58:10 +00:00
ia64cpuid.S
IA64 assembler pack update from HEAD.
2011-11-14 20:45:57 +00:00
install-crypto.com
Adjust VMS build to Unix build. Most of all, make it so the disabled
2014-06-18 13:43:09 +02:00
LPdir_nyi.c
LPdir_unix.c
LPdir_vms.c
Followup on RT3334 fix: make sure that a directory that's the empty
2014-09-03 22:23:34 +02:00
LPdir_win32.c
LPdir_win.c
Followup on RT3334 fix: make sure that a directory that's the empty
2014-09-03 22:23:34 +02:00
LPdir_wince.c
Makefile
Harmonize Tru64 and Linux make rules.
2014-09-20 10:22:13 +02:00
md32_common.h
Please Clang's sanitizer.
2014-07-09 22:45:38 +02:00
mem_clr.c
Fix warning.
2007-06-23 18:47:51 +00:00
mem_dbg.c
PR: 1894
2009-04-16 17:22:51 +00:00
mem.c
Reduce version skew: trivia (I hope).
2012-06-03 22:03:37 +00:00
o_dir_test.c
o_dir.c
o_dir.h
o_fips.c
call OPENSSL_init when calling FIPS_mode too
2012-04-20 14:43:14 +00:00
o_init.c
The first of many changes to make OpenSSL 1.0.1 FIPS capable.
2011-05-26 14:19:19 +00:00
o_str.c
Improve WINCE support.
2014-02-01 22:48:56 +01:00
o_str.h
"Overload" SunOS 4.x memcmp, which ruins ASN1_OBJECT table lookups.
2005-09-20 20:19:07 +00:00
o_time.c
Time difference functions.
2013-08-19 21:55:07 +01:00
o_time.h
Time difference functions.
2013-08-19 21:55:07 +01:00
opensslconf.h.in
Eliminate warning induced by http://cvs.openssl.org/chngview?cn=14690 and
2005-12-16 10:37:24 +00:00
opensslv.h
RT2308: Add extern "C" { ... } wrapper
2014-08-27 21:45:09 -04:00
ossl_typ.h
RT2308: Add extern "C" { ... } wrapper
2014-08-27 21:45:09 -04:00
pariscid.pl
PA-RISC assembler pack: switch to bve in 64-bit builds.
2013-06-30 23:13:23 +02:00
ppc_arch.h
Initial POWER8 support from development branch.
2014-07-20 14:36:49 +02:00
ppccap.c
Initial POWER8 support from development branch.
2014-07-20 14:36:49 +02:00
ppccpuid.pl
Initial POWER8 support from development branch.
2014-07-20 14:36:49 +02:00
s390xcap.c
s390x assembler pack update from HEAD.
2011-11-14 20:47:22 +00:00
s390xcpuid.S
s390x assembler pack update from HEAD.
2011-11-14 20:47:22 +00:00
sparc_arch.h
sparcv9cap.c: update from master.
2013-05-20 00:16:18 +02:00
sparccpuid.S
sparcv9cap.c: update from master.
2013-05-20 00:16:18 +02:00
sparcv9cap.c
sparcv9cap.c: omit random detection.
2013-12-28 13:32:45 +01:00
symhacks.h
Add new VMS hack symbol, update ordinals.
2014-03-02 13:50:06 +00:00
uid.c
vms_rms.h
Apply all the changes submitted by Steven M. Schweda <sms@antinode.info>
2011-03-19 09:47:47 +00:00
x86_64cpuid.pl
x86[_64]cpuid.pl: add low-level RDSEED.
2014-02-14 17:25:14 +01:00
x86cpuid.pl
x86[_64]cpuid.pl: add low-level RDSEED.
2014-02-14 17:25:14 +01:00