wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
10448 commits 20 branches 302 tags 153 MiB
Commit graph

14 commits

Author SHA1 Message Date
David Woodhouse
9fe4603b82 Check DTLS_BAD_VER for version number. 
The version check for DTLS1_VERSION was redundant as
DTLS1_VERSION > TLS1_1_VERSION, however we do need to
check for DTLS1_BAD_VER for compatibility.

PR:2984
(cherry picked from commit d980abb22e)
 2013-02-12 15:16:05 +00:00
Andy Polyakov
579f3a631e s3_cbc.c: make CBC_MAC_ROTATE_IN_PLACE universal. 
(cherry picked from commit f93a41877d)
 2013-02-08 21:37:07 +01:00
Andy Polyakov
47061af106 s3_cbc.c: get rid of expensive divisions [from master]. 
(cherry picked from commit e9baceab5a)
 2013-02-08 17:00:46 +01:00
Dr. Stephen Henson
32cc2479b4 Fix IV check and padding removal. 
Fix the calculation that checks there is enough room in a record
after removing padding and optional explicit IV. (by Steve)

For AEAD remove the correct number of padding bytes (by Andy)
 2013-02-07 21:06:37 +00:00
Adam Langley
f306b87d76 Fix for EXP-RC2-CBC-MD5 
MD5 should use little endian order. Fortunately the only ciphersuite
affected is EXP-RC2-CBC-MD5 (TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5) which
is a rarely used export grade ciphersuite.
 2013-02-06 16:05:40 +00:00
Andy Polyakov
125093b59f e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues. 
Address CBC decrypt timing issues and reenable the AESNI+SHA1 stitch.
 2013-02-02 19:35:09 +01:00
Andy Polyakov
ec07246a08 ssl/*: remove SSL3_RECORD->orig_len to restore binary compatibility. 2013-02-01 15:34:09 +01:00
Dr. Stephen Henson
04e45b52ee Don't access EVP_MD_CTX internals directly. 2013-02-01 14:12:27 +00:00
Andy Polyakov
d5371324d9 s3/s3_cbc.c: allow for compilations with NO_SHA256|512. 2013-02-01 10:31:59 +01:00
Andy Polyakov
36260233e7 ssl/s3_cbc.c: md_state alignment portability fix. 
RISCs are picky and alignment granted by compiler for md_state can be
insufficient for SHA512.
 2013-02-01 10:31:52 +01:00
Andy Polyakov
cab13fc847 ssl/s3_cbc.c: uint64_t portability fix. 
Break dependency on uint64_t. It's possible to declare bits as
unsigned int, because TLS packets are limited in size and 32-bit
value can't overflow.
 2013-02-01 10:31:23 +01:00
Dr. Stephen Henson
34ab3c8c71 typo. 2013-01-31 23:04:39 +00:00
Dr. Stephen Henson
b908e88ec1 Timing fix mitigation for FIPS mode. 
We have to use EVP in FIPS mode so we can only partially mitigate
timing differences.

Make an extra call to EVP_DigestSignUpdate to hash additonal blocks
to cover any timing differences caused by removal of padding.
 2013-01-31 12:34:10 +00:00
Ben Laurie
014265eb02 Oops. Add missing file. 2013-01-28 18:24:55 +00:00