openssl

History

Dr. Stephen Henson f9b6c0ba4c Fix for CVE-2014-0076

Fix for the attack described in the paper "Recovering OpenSSL
ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
by Yuval Yarom and Naomi Benger. Details can be obtained from:
http://eprint.iacr.org/2014/140

Thanks to Yuval Yarom and Naomi Benger for discovering this
flaw and to Yuval Yarom for supplying a fix.
(cherry picked from commit 2198be3483259de374f91e57d247d0fc667aef29)

Conflicts:

	CHANGES

2014-03-12 14:29:43 +00:00

aes

aes/asm/vpaes-ppc.pl: fix traceback info.

2014-02-25 20:11:34 +01:00

asn1

make depend

2014-02-19 20:09:08 +00:00

Change AR to ARX to allow exclusion of fips object modules

2011-01-26 16:08:08 +00:00

bio

bss_dgram.c,d1_lib.c: make it compile with mingw.

2014-03-06 14:04:56 +01:00

Fix for CVE-2014-0076

2014-03-12 14:29:43 +00:00

buffer

Typo.

2013-07-17 21:45:00 +01:00

camellia

x86_64 assembly pack: make Windows build more robust.

2013-01-22 22:27:28 +01:00

cast

Change AR to ARX to allow exclusion of fips object modules

2011-01-26 16:08:08 +00:00

cmac

fix reset fix

2012-04-11 15:05:07 +00:00

cms

make depend

2014-02-19 20:09:08 +00:00

comp

Assorted bugfixes:

2011-02-03 12:03:51 +00:00

conf

New config module for string tables. This can be used to add new

2012-10-22 13:05:54 +00:00

des

SPARC T4 assembly pack: treat zero input length in CBC.

2014-03-07 10:30:37 +01:00

dh_check.c: check BN_CTX_get's return value.

2014-03-06 14:19:37 +01:00

dsa

misspellings fixes by https://github.com/vlajos/misspell_fixer

2013-09-05 21:39:42 +01:00

dso

misspellings fixes by https://github.com/vlajos/misspell_fixer

2013-09-05 21:39:42 +01:00

Fix for CVE-2014-0076

2014-03-12 14:29:43 +00:00

ecdh

make depend

2014-02-19 20:09:08 +00:00

ecdsa

make depend

2014-02-19 20:09:08 +00:00

engine

make depend

2014-02-19 20:09:08 +00:00

err

misspellings fixes by https://github.com/vlajos/misspell_fixer

2013-09-05 21:39:42 +01:00

evp

make depend

2014-02-19 20:09:08 +00:00

hmac

Fix some warnings caused by __owur. Temporarily (I hope) remove the more

2011-11-14 00:36:10 +00:00

idea

Change AR to ARX to allow exclusion of fips object modules

2011-01-26 16:08:08 +00:00

jpake

Change AR to ARX to allow exclusion of fips object modules

2011-01-26 16:08:08 +00:00

krb5

Change AR to ARX to allow exclusion of fips object modules

2011-01-26 16:08:08 +00:00

lhash

Change AR to ARX to allow exclusion of fips object modules

2011-01-26 16:08:08 +00:00

md2

Change AR to ARX to allow exclusion of fips object modules

2011-01-26 16:08:08 +00:00

md4

Fix some clang warnings.

2013-01-13 21:04:39 +00:00

md5

misspellings fixes by https://github.com/vlajos/misspell_fixer

2013-09-05 21:39:42 +01:00

mdc2

Update dependencies.

2011-02-21 17:51:59 +00:00

modes

make depend

2014-02-19 20:09:08 +00:00

objects

CABForum EV OIDs for Subject Jurisdiction of Incorporation or Registration.

2014-02-26 15:33:11 +00:00

ocsp

Constification.

2013-10-07 12:45:26 +01:00

pem

Fix warning.

2014-02-13 03:11:58 +00:00

perlasm

SPARC T4 assembly pack: treat zero input length in CBC.

2014-03-07 10:30:37 +01:00

pkcs7

Add suppot for ASCII with CRLF canonicalisation.

2014-02-13 14:35:56 +00:00

pkcs12

PKCS#8 support for alternative PRFs.

2014-03-01 23:16:08 +00:00

pqueue

Change AR to ARX to allow exclusion of fips object modules

2011-01-26 16:08:08 +00:00

rand

Avoid Windows 8 Getversion deprecated errors.

2014-02-25 13:40:33 +00:00

rc2

misspellings fixes by https://github.com/vlajos/misspell_fixer

2013-09-05 21:39:42 +01:00

rc4

rc4/asm/rc4-586.pl: allow for 386-only build.

2014-02-27 14:19:19 +01:00

rc5

Update support for Intel compiler: add linux-x86_64-icc and fix problems.

2012-11-28 13:05:13 +00:00

ripemd

misspellings fixes by https://github.com/vlajos/misspell_fixer

2013-09-05 21:39:42 +01:00

rsa

make depend

2014-02-19 20:09:08 +00:00

seed

seed.c: incredibly enough seed.c can fail to compile on Solaris with certain

2012-02-26 21:52:43 +00:00

sha

sha/asm/sha256-586.pl: don't try to compile SIMD with no-sse2.

2014-02-26 10:22:13 +01:00

srp

srp/srp_grps.h: make it Compaq C-friendly.

2013-11-12 22:09:55 +01:00

stack

CMS support for key agreeement recipient info.

2013-07-17 21:45:00 +01:00

store

Change AR to ARX to allow exclusion of fips object modules

2011-01-26 16:08:08 +00:00

threads

Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda).

2009-05-15 16:36:56 +00:00

Rename Suite B functions for consistency.

2012-08-03 15:58:15 +00:00

txt_db

Change AR to ARX to allow exclusion of fips object modules

2011-01-26 16:08:08 +00:00

PR: 2717

2012-02-11 23:41:19 +00:00

whrlpool

x86_64 assembly pack: make Windows build more robust.

2013-01-22 22:27:28 +01:00

x509

For self signed root only indicate one error.

2014-03-03 23:36:46 +00:00

x509v3

Don't use BN_ULLONG in n2l8 use SCTS_TIMESTAMP.

2014-02-25 15:06:51 +00:00

.cvsignore

Apply mingw patches as supplied by Roumen Petrov an Alon Bar-Lev

2008-04-17 10:19:16 +00:00

alphacpuid.pl

alphacpuid.pl: fix alignment bug.

2011-08-12 12:28:52 +00:00

arm_arch.h

arm_arch.h: allow to specify __ARM_ARCH__ elsewhere.

2011-11-09 20:08:44 +00:00

armcap.c

crypto/armcap.c: fix typo in rdtsc subroutine.

2013-09-15 22:07:49 +02:00

armv4cpuid.S

armv4cpuid.S, armv4-gf2m.pl: make newest code compilable by older assembler.

2011-11-05 13:07:18 +00:00

c64xpluscpuid.pl

C64x+ assembly pack: improve EABI support.

2012-11-28 13:19:10 +00:00

cpt_err.c

Implement FIPS_mode and FIPS_mode_set

2011-05-19 18:09:02 +00:00

cryptlib.c

Avoid Windows 8 Getversion deprecated errors.

2014-02-25 13:40:33 +00:00

cryptlib.h

Add a symbol for the first parameter to OPENSSL_showfatal().

2011-06-23 09:46:27 +00:00

crypto-lib.com

Move CT viewer extension code to crypto/x509v3

2014-02-20 18:48:56 +00:00

crypto.h

Move gmtime functions to crypto.h.

2014-02-19 18:02:04 +00:00

cversion.c

(oops) Apologies all, that last header-cleanup commit was from the wrong

2004-04-19 18:09:28 +00:00

ebcdic.c

Oops, this file already had the "empty source file" workaround but it

2003-10-29 22:25:04 +00:00

ebcdic.h

EBCDIC support.

2000-02-01 02:21:16 +00:00

ex_data.c

Avoid warnings with -pedantic, specifically:

2008-07-04 23:12:52 +00:00

fips_err.h

Check for selftest failure in various places.

2011-10-22 17:24:27 +00:00

fips_ers.c

Rename crypto/fips_err.c to fips_ers.c to avoid clash with other fips_err.c

2011-02-03 16:16:30 +00:00

ia64cpuid.S

IA-64 assembler pack: fix typos and make it work on HP-UX.

2011-05-07 20:36:05 +00:00

install-crypto.com

After some adjustments, apply the changes OpenSSL 1.0.0d on OpenVMS

2011-03-19 10:58:14 +00:00

lock.c

Include support for an add_lock callback to tiny FIPS locking API.

2011-02-14 17:05:42 +00:00

LPdir_nyi.c

Copy a few files from LPlib (a new project of mine), add a wrapper.

2004-07-10 13:16:02 +00:00

LPdir_unix.c

Import changed files from LPlib. The changes are logged as follows

2004-09-23 22:11:39 +00:00

LPdir_vms.c

After some adjustments, apply the changes OpenSSL 1.0.0d on OpenVMS

2011-03-19 10:58:14 +00:00

LPdir_win32.c

Import changed files from LPlib. The changes are logged as follows

2004-09-23 22:11:39 +00:00

LPdir_win.c

Fix mingw warnings.

2006-10-23 07:41:05 +00:00

LPdir_wince.c

Import changed files from LPlib. The changes are logged as follows

2004-09-23 22:11:39 +00:00

Makefile

make depend

2014-02-19 20:09:08 +00:00

md32_common.h

Initial aarch64 bits.

2013-10-13 19:15:15 +02:00

mem_clr.c

Fix warning.

2007-06-23 18:47:51 +00:00

mem_dbg.c

Updates from 1.0.0-stable branch.

2009-04-20 11:33:12 +00:00

mem.c

Version skew reduction: trivia (I hope).

2012-06-03 22:00:21 +00:00

o_dir_test.c

Copy a few files from LPlib (a new project of mine), add a wrapper.

2004-07-10 13:16:02 +00:00

o_dir.c

DJGPP has opendir() and friends, according to Gisle Vanem <giva@bgnett.no>.

2004-08-03 19:15:21 +00:00

o_dir.h

Copy a few files from LPlib (a new project of mine), add a wrapper.

2004-07-10 13:16:02 +00:00

o_fips.c

Implement FIPS_mode and FIPS_mode_set

2011-05-19 18:09:02 +00:00

o_init.c

remove unnecessary attempt to automatically call OPENSSL_init

2012-07-01 22:25:04 +00:00

o_str.c

Improve WINCE support.

2013-01-19 21:23:13 +01:00

o_str.h

"Overload" SunOS 4.x memcmp, which ruins ASN1_OBJECT table lookups.

2005-09-20 20:19:07 +00:00

o_time.c

Move gmtime functions to crypto.h.

2014-02-19 18:02:04 +00:00

opensslconf.h.in

Eliminate warning induced by http://cvs.openssl.org/chngview?cn=14690 and

2005-12-16 10:37:24 +00:00

opensslv.h

HEAD is now 1.1.0

2009-03-31 10:38:37 +00:00

ossl_typ.h

Add KDF for DH.

2013-08-05 15:45:01 +01:00

pariscid.pl

PA-RISC assembler pack: switch to bve in 64-bit builds.

2013-06-18 10:37:00 +02:00

ppccap.c

ppc64-mont.pl: eliminate dependency on GPRs' upper halves.

2013-11-27 22:50:00 +01:00

ppccpuid.pl

PPC assembly pack: add .size directives.

2013-10-15 00:14:39 +02:00

s390xcap.c

s390x assembler pack: extend OPENSSL_s390xcap_P to 128 bits.

2010-09-18 08:46:53 +00:00

s390xcpuid.S

Multiple assembler packs: add experimental memory bus instrumentation.

2011-04-17 12:46:00 +00:00

sparc_arch.h

Support for SPARC T4 MONT[MUL|SQR] instructions.

2012-11-17 10:34:11 +00:00

sparccpuid.S

sparccpuid.S: work around emulator bug on T1.

2013-02-11 10:39:50 +01:00

sparcv9cap.c

sparcv9cap.c: omit random detection.

2013-12-28 13:31:14 +01:00

symhacks.h

Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions)

2013-09-06 13:59:13 +01:00

thr_id.c

Fix warning.

2012-09-17 17:21:58 +00:00

uid.c

Netware-specific changes,

2003-11-28 13:10:58 +00:00

vms_rms.h

After some adjustments, apply the changes OpenSSL 1.0.0d on OpenVMS

2011-03-19 10:58:14 +00:00

x86_64cpuid.pl

x86[_64]cpuid.pl: add low-level RDSEED.

2014-02-14 17:24:12 +01:00

x86cpuid.pl

x86[_64]cpuid.pl: add low-level RDSEED.

2014-02-14 17:24:12 +01:00