wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
11752 commits 20 branches 302 tags 153 MiB
Commit graph

19 commits

Author SHA1 Message Date
Matt Caswell
1a3701f4fe Sanity check EVP_CTRL_AEAD_TLS_AAD 
The various implementations of EVP_CTRL_AEAD_TLS_AAD expect a buffer of at
least 13 bytes long. Add sanity checks to ensure that the length is at
least that. Also add a new constant (EVP_AEAD_TLS1_AAD_LEN) to evp.h to
represent this length. Thanks to Kevin Wojtysiak (Int3 Solutions) and
Paramjot Oberoi (Int3 Solutions) for reporting this issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit c826988109)

Conflicts:
	ssl/record/ssl3_record.c
 2015-04-30 23:21:50 +01:00
Matt Caswell
ae5c8664e5 Run util/openssl-format-source -v -c . 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:31:38 +00:00
Matt Caswell
f3b6ee30f4 Move more comments that confuse indent 
Conflicts:
	crypto/dsa/dsa.h
	demos/engines/ibmca/hw_ibmca.c
	ssl/ssl_locl.h

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:28:49 +00:00
Andy Polyakov
b698c427de crypto/evp/e_aes_cbc_hmac_sha[1|256].c: fix compiler warnings. 
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 2893a302a9)
 2014-08-20 22:20:21 +02:00
Felix Laurie von Massenbach
6657e68bf2 Fix shadow declaration. 
(cherry picked from commit 1f61d8b5b1)
 2014-06-17 18:36:48 +01:00
Andy Polyakov
79b960c046 evp/e_aes_cbc_sha[1|256].c: fix -DPEDANTIC build. 
(cherry picked from commit ce00c64df9)
 2014-06-14 23:16:29 +02:00
Andy Polyakov
aff78bb39a ssl/s3_pkt.c: detect RAND_bytes error in multi-block. 
(cherry picked from commit 701134320a)
 2014-02-14 17:45:33 +01:00
Andy Polyakov
fcc6f699e3 evp/e_aes_cbc_hmac_sha*.c: improve cache locality. 
(cherry picked from commit 9587429fa0)
 2014-02-13 14:41:10 +01:00
Andy Polyakov
41cf2d2518 evp/e_aes_cbc_hmac_sha[1|256].c: add multi-block implementations [from master]. 2014-02-05 19:52:38 +01:00
Andy Polyakov
dd1e4fbcc0 e_aes_cbc_hmac_sha1.c: fix rare bad record mac on AES-NI plaforms. 
PR: 3002
(cherry picked from commit 5c60046553)
 2013-03-18 19:35:20 +01:00
Andy Polyakov
82425f2c28 e_aes_cbc_hmac_sha1.c: align calculated MAC at cache line. 
It also ensures that valgring is happy.
(cherry picked from commit 2141e6f30b)
 2013-02-08 10:35:02 +01:00
Andy Polyakov
af010edd55 e_aes_cbc_hmac_sha1.c: cleanse temporary copy of HMAC secret. 
(cherry picked from commit 529d27ea47)
 2013-02-06 13:56:15 +00:00
Andy Polyakov
5966f4d973 e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues. 
Address CBC decrypt timing issues and reenable the AESNI+SHA1 stitch.
(cherry picked from commit 125093b59f)
 2013-02-06 13:56:15 +00:00
Dr. Stephen Henson
e51ec51af9 revert more "version skew" changes that break FIPS builds 2012-06-10 23:02:06 +00:00
Ben Laurie
68d2cf51bc Reduce version skew: trivia (I hope). 2012-06-03 22:03:37 +00:00
Andy Polyakov
eb8a65db16 e_aes_cbc_hmac_sha1.c: handle zero-length payload and engage empty frag 
countermeasure [from HEAD].

PR: 2778
 2012-04-15 14:23:26 +00:00
Dr. Stephen Henson
7b23c126e6 undef some symbols that cause problems with make depend for fips builds 2012-01-18 01:40:36 +00:00
Dr. Stephen Henson
7d453a3b49 Fix warnings (from HEAD). 2011-09-10 21:18:37 +00:00
Andy Polyakov
84e7485bfb Add RC4-MD5 and AESNI-SHA1 "stitched" implementations [from HEAD]. 2011-08-23 20:53:34 +00:00