generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/crypto
History
Emilia Kasper 904fcce0c6 RT3066: rewrite RSA padding checks to be slightly more constant time. 
Also tweak s3_cbc.c to use new constant-time methods.
Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1

This patch is based on the original RT submission by Adam Langley <agl@chromium.org>,
as well as code from BoringSSL and OpenSSL.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Conflicts:
	crypto/rsa/rsa_oaep.c
2014-09-24 14:35:03 +02:00
..
aes
x86_64 assembly pack: make Windows build more robust [from master].
2013-01-22 23:00:02 +01:00
asn1
Fix OID handling:
2014-08-06 21:30:39 +01:00
bf
Revert the size_t modifications from HEAD that had led to more
2008-11-12 03:58:08 +00:00
bio
Fix memory leak in BIO_free if there is no destroy function.
2014-07-09 23:37:04 +01:00
bn
Ensure that x**0 mod 1 = 0.
2014-09-04 16:07:16 +02:00
buffer
Constification.
2013-10-01 15:26:14 +01:00
camellia
x86_64 assembly pack: make Windows build more robust [from master].
2013-01-22 23:00:02 +01:00
cast
Constify crypto/cast.
2009-12-22 11:45:59 +00:00
cms
Set version number correctly.
2014-05-29 14:12:13 +01:00
comp
Assorted bugfixes:
2011-02-03 12:04:40 +00:00
conf
Prevent infinite loop loading config files.
2014-07-07 13:50:52 +01:00
des
PR: 2266
2010-05-26 23:23:44 +00:00
dh
PR: 1644
2009-09-06 15:49:12 +00:00
dsa
RT3061: Don't SEGFAULT when trying to export a public DSA key as a private key.
2014-08-22 15:25:30 +02:00
dso
Fix a wrong parameter count ERR_add_error_data
2014-05-19 22:18:23 +01:00
ec
Fixed double inclusion of string.h
2014-08-29 21:38:03 +01:00
ecdh
Fix EC_KEY initialization race.
2012-10-05 20:51:31 +00:00
ecdsa
Fix EC_KEY initialization race.
2012-10-05 20:51:31 +00:00
engine
Add loaded dynamic ENGINEs to list.
2014-01-28 13:57:58 +00:00
err
Don't include comp.h if no-comp set.
2013-01-20 01:12:15 +00:00
evp
Fix for EVP_PBE_alg_add().
2014-06-27 22:59:13 +01:00
hmac
inherit HMAC flags from MD_CTX
2011-05-19 17:39:49 +00:00
idea
Fix typo in ideatest.c
2014-06-28 00:06:47 +01:00
jpake
J-PAKE was not correctly checking values, which could lead to attacks.
2010-11-24 13:48:12 +00:00
krb5
Further BUILDENV refinement, further fool-proofing of Makefiles and
2005-05-16 16:55:47 +00:00
lhash
Revert lhash patch for PR#2124
2009-12-09 15:00:20 +00:00
md2
Constify seed and md2.
2007-08-31 10:12:35 +00:00
md4
Remove unnecessary casts and avoid some warnings with gcc 4.2.
2007-06-07 16:07:57 +00:00
md5
md5-x86_64.pl: work around warning.
2014-08-30 19:19:47 +02:00
mdc2
Update filenames in makefiles.
2006-02-04 01:45:59 +00:00
modes
crypto/modes: strict aliasing fixes from master.
2014-04-06 17:23:55 +02:00
objects
Fix OID handling:
2014-08-06 21:30:39 +01:00
ocsp
Handle IPv6 addresses in OCSP_parse_url.
2014-06-27 17:31:50 +01:00
pem
Sanity check keylength in PVK files.
2014-07-06 00:36:10 +01:00
perlasm
x86_64-xlate.pl: remove old kludge.
2012-03-13 19:19:57 +00:00
pkcs7
Remove ancient obsolete files under pkcs7.
2014-06-27 13:56:53 +01:00
pkcs12
Fix memory leak.
2014-05-29 14:12:13 +01:00
pqueue
Fix warnings (From HEAD, original patch by Ben).
2010-06-15 17:25:15 +00:00
rand
Create ~/.rnd with mode 0600 instead of 0666
2014-06-08 21:29:23 +01:00
rc2
Wire RC4 key_table to read-only segment.
2007-09-18 21:10:32 +00:00
rc4
x86_64 assembly pack: make Windows build more robust [from master].
2013-01-22 23:00:02 +01:00
rc5
Make inline assembler clang-friendly [from HEAD].
2010-08-02 21:54:23 +00:00
ripemd
PR: 1835
2009-02-14 21:49:38 +00:00
rsa
RT3066: rewrite RSA padding checks to be slightly more constant time.
2014-09-24 14:35:03 +02:00
seed
Engage crypto/modes.
2008-12-23 11:33:01 +00:00
sha
x86_64 assembly pack: make Windows build more robust [from master].
2013-01-22 23:00:02 +01:00
stack
make update
2014-08-06 22:24:50 +01:00
store
Make it possible to disable STORE.
2009-02-19 09:42:51 +00:00
threads
Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda).
2009-05-15 16:37:08 +00:00
ts
Fix double frees.
2014-04-22 22:52:26 +01:00
txt_db
Change STRING to OPENSSL_STRING etc as common words such
2009-07-27 21:08:53 +00:00
ui
* crypto/ui/ui_lib.c: misplaced brace in switch statement.
2014-07-13 19:16:06 +02:00
whrlpool
x86_64 assembly pack: make Windows build more robust [from master].
2013-01-22 23:00:02 +01:00
x509
x509/by_dir.c: fix run-away pointer (and potential SEGV)
2014-02-24 15:24:14 +01:00
x509v3
Extension checking fixes.
2014-04-15 18:53:14 +01:00
.cvsignore
Apply mingw patches as supplied by Roumen Petrov an Alon Bar-Lev
2008-04-17 10:19:16 +00:00
alphacpuid.pl
Alpha assembler fixes from HEAD.
2011-08-12 12:32:10 +00:00
constant_time_locl.h
RT3066: rewrite RSA padding checks to be slightly more constant time.
2014-09-24 14:35:03 +02:00
constant_time_test.c
RT3066: rewrite RSA padding checks to be slightly more constant time.
2014-09-24 14:35:03 +02:00
cpt_err.c
Update from 0.9.8 stable. Eliminate duplicate error codes.
2006-11-21 21:29:44 +00:00
cryptlib.c
Avoid Windows 8 Getversion deprecated errors.
2014-02-25 13:43:04 +00:00
cryptlib.h
export OPENSSL_isservice and make update
2010-01-26 13:55:33 +00:00
crypto-lib.com
Cosmetic: Reorder so it's more similar to the Unixly build.
2012-07-04 17:27:43 +00:00
crypto.h
Add and use a constant-time memcmp.
2013-02-05 16:46:15 +00:00
cversion.c
(oops) Apologies all, that last header-cleanup commit was from the wrong
2004-04-19 18:09:28 +00:00
ebcdic.c
Oops, this file already had the "empty source file" workaround but it
2003-10-29 22:25:04 +00:00
ebcdic.h
EBCDIC support.
2000-02-01 02:21:16 +00:00
ex_data.c
Avoid warnings with -pedantic, specifically:
2008-07-04 23:12:52 +00:00
ia64cpuid.S
Make assembly language versions of OPENSSL_cleanse() accept zero length
2010-02-12 17:02:13 +00:00
install-crypto.com
Apply all the changes submitted by Steven M. Schweda <sms@antinode.info>
2011-03-19 09:44:53 +00:00
LPdir_nyi.c
Copy a few files from LPlib (a new project of mine), add a wrapper.
2004-07-10 13:16:02 +00:00
LPdir_unix.c
Import changed files from LPlib. The changes are logged as follows
2004-09-23 22:11:39 +00:00
LPdir_vms.c
Followup on RT3334 fix: make sure that a directory that's the empty
2014-09-03 22:26:19 +02:00
LPdir_win32.c
Import changed files from LPlib. The changes are logged as follows
2004-09-23 22:11:39 +00:00
LPdir_win.c
Followup on RT3334 fix: make sure that a directory that's the empty
2014-09-03 22:26:19 +02:00
LPdir_wince.c
Import changed files from LPlib. The changes are logged as follows
2004-09-23 22:11:39 +00:00
Makefile
Constant-time utilities
2014-08-28 17:18:01 +02:00
md32_common.h
Make inline assembler clang-friendly [from HEAD].
2010-08-02 21:54:23 +00:00
mem_clr.c
Fix warning.
2007-06-23 18:47:51 +00:00
mem_dbg.c
PR: 1894
2009-04-16 17:22:51 +00:00
mem.c
Check for potentially exploitable overflows in asn1_d2i_read_bio
2012-04-19 11:44:51 +00:00
o_dir_test.c
Copy a few files from LPlib (a new project of mine), add a wrapper.
2004-07-10 13:16:02 +00:00
o_dir.c
DJGPP has opendir() and friends, according to Gisle Vanem <giva@bgnett.no>.
2004-08-03 19:15:21 +00:00
o_dir.h
Copy a few files from LPlib (a new project of mine), add a wrapper.
2004-07-10 13:16:02 +00:00
o_str.c
Update from HEAD.
2009-06-01 12:14:15 +00:00
o_str.h
"Overload" SunOS 4.x memcmp, which ruins ASN1_OBJECT table lookups.
2005-09-20 20:19:07 +00:00
o_time.c
Apply all the changes submitted by Steven M. Schweda <sms@antinode.info>
2011-03-19 09:44:53 +00:00
o_time.h
Experimental new date handling routines. These fix issues with X509_time_adj()
2008-10-07 22:55:27 +00:00
opensslconf.h.in
Eliminate warning induced by http://cvs.openssl.org/chngview?cn=14690 and
2005-12-16 10:37:24 +00:00
opensslv.h
Prepare for 1.0.0o-dev
2014-08-06 22:25:27 +01:00
ossl_typ.h
Update from stable branch.
2008-11-11 12:23:18 +00:00
ppccpuid.pl
ppccpuid.pl: branch hints in OPENSSL_cleanse impact small block performance
2012-04-27 20:21:26 +00:00
s390xcap.c
s390x assembler update: add support for run-time facility detection [from HEAD].
2010-01-19 21:40:58 +00:00
s390xcpuid.S
Make assembly language versions of OPENSSL_cleanse() accept zero length
2010-02-12 17:02:13 +00:00
sparccpuid.S
sparccpuid.S: work around emulator bug on T1.
2013-02-11 10:42:32 +01:00
sparcv9cap.c
sparcv9cap.c: disengange Solaris-specific CPU detection routine in favour
2010-09-05 19:48:01 +00:00
symhacks.h
VMS fixes
2014-01-11 22:42:15 +00:00
uid.c
Netware-specific changes,
2003-11-28 13:10:58 +00:00
vms_rms.h
Apply all the changes submitted by Steven M. Schweda <sms@antinode.info>
2011-03-19 09:44:53 +00:00
x86_64cpuid.pl
x86_64 assembly pack: make Windows build more robust [from master].
2013-01-22 23:00:02 +01:00
x86cpuid.pl
x86cpuid.pl: make it work with older CPUs.
2013-03-18 19:51:13 +01:00