Richard Levitte
7f09a8773b
Include "constant_time_locl.h" rather than "../constant_time_locl.h".
...
The different -I compiler parameters will take care of the rest...
Reviewed-by: Tim Hudson <tjh@openssl.org>
Conflicts:
crypto/evp/evp_enc.c
crypto/rsa/rsa_oaep.c
crypto/rsa/rsa_pk1.c
2014-10-15 17:00:06 +02:00
Matt Caswell
ed13270d2e
Updates to NEWS file
...
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
2014-10-15 08:56:16 -04:00
Matt Caswell
53afbe12ba
Updates CHANGES file
...
Reviewed-by: Bodo Möller <bodo@openssl.org>
2014-10-15 08:56:16 -04:00
Geoff Thorpe
62f45cc27d
Fix no-ssl3 configuration option
...
CVE-2014-3568
Reviewed-by: Emilia Kasper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-10-15 08:56:16 -04:00
Dr. Stephen Henson
7482705548
Fix for session tickets memory leak.
...
CVE-2014-3567
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-10-15 08:56:16 -04:00
Matt Caswell
3dd814ac4d
Fix SRTP compile issues for windows
...
Related to CVE-2014-3513
This fix was developed by the OpenSSL Team
Reviewed-by: Tim Hudson <tjh@openssl.org>
Conflicts:
util/mkdef.pl
util/ssleay.num
2014-10-15 08:56:16 -04:00
Matt Caswell
e659eff2c0
Fix for SRTP Memory Leak
...
CVE-2014-3513
This issue was reported to OpenSSL on 26th September 2014, based on an original
issue and patch developed by the LibreSSL project. Further analysis of the issue
was performed by the OpenSSL team.
The fix was developed by the OpenSSL team.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-10-15 08:56:16 -04:00
Bodo Moeller
0b382a8e8d
Fix SSL_R naming inconsistency.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-10-15 14:48:14 +02:00
Andy Polyakov
69d5747f90
aesni-x86_64.pl: make ECB subroutine Windows ABI compliant.
...
RT: 3553
Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-10-15 11:10:08 +02:00
Bodo Moeller
fb0e87fb67
Add TLS_FALLBACK_SCSV documentation, and move s_client -fallback_scsv
...
handling out of #ifndef OPENSSL_NO_DTLS1 section.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-10-15 10:43:50 +02:00
Bodo Moeller
cf6da05304
Support TLS_FALLBACK_SCSV.
...
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-10-15 04:03:28 +02:00
Dr. Stephen Henson
ffa08b3242
Remove reference to deleted md4.c
...
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-10-11 13:37:44 +01:00
Dr. Stephen Henson
f3014206a2
Disable encrypt them mac for SSL 3.0 and stream ciphers (RC4 only).
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-10-10 13:23:29 +01:00
Matt Caswell
e0fdea3e49
Removed duplicate definition of PKCS7_type_is_encrypted
...
Patch supplied by Matthieu Patou <mat@matws.net>, and modified to also
remove duplicate definition of PKCS7_type_is_digest.
PR#3551
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-10-06 23:42:13 +01:00
Ben Laurie
71614df485
Fix single makefile.
...
Reviewed-by: Geoffrey Thorpe <geoff@geoffthorpe.net>
2014-10-06 18:07:55 +01:00
Rich Salz
5aed169305
RT3462: Document actions when data==NULL
...
If data is NULL, return the size needed to hold the
derived key. No other API to do this, so document
the behavior.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-10-03 10:39:00 -04:00
Bodo Moeller
429a25b97d
DTLS 1.2 support has been added to 1.0.2.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-10-02 17:56:40 +02:00
Andy Polyakov
ae4af7a067
crypto/cast/asm/cast-586.pl: +5% on PIII and remove obsolete readme.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-10-01 23:59:14 +02:00
Rich Salz
df8c39d522
RT3549: Remove obsolete files in crypto
...
Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-10-01 16:05:47 -04:00
Rich Salz
d5f34443ad
RT2910: Remove des.c and its Makefile target
...
Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-09-30 16:44:10 -04:00
Rich Salz
9208640a36
RT2309: Fix podpage MMNNFFPPS->MNNFFPPS
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-09-30 16:31:11 -04:00
Dr. Stephen Henson
4b6dee2b14
Parse custom extensions after internal extensions.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-30 20:10:50 +01:00
Andy Polyakov
55c7a4cf11
e_os.h: refine inline override logic (to address warnings in debug build).
...
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
2014-09-30 21:05:33 +02:00
Andy Polyakov
323154be33
crypto/bn/bn_nist.c: bring original failing code back for reference.
...
RT: 3541
Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-09-30 21:00:44 +02:00
Dr. Stephen Henson
7c4776251e
Add additional explanation to CHANGES entry.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-09-29 12:25:10 +01:00
Dr. Stephen Henson
1cfd255c91
Add additional DigestInfo checks.
...
Reencode DigestInto in DER and check against the original: this
will reject any improperly encoded DigestInfo structures.
Note: this is a precautionary measure, there is no known attack
which can exploit this.
Thanks to Brian Smith for reporting this issue.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-09-29 12:01:05 +01:00
Rich Salz
3d81ec5b92
Remove #ifdef's for IRIX_CC_BUG
...
Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-09-25 14:43:24 -04:00
Rich Salz
008bef521c
RT3544: Must update TABLE after Configure change
...
Also add comment to Configure reminding people to do that.
Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-09-25 13:18:22 -04:00
Emilia Kasper
fdc35a9d3e
Add missing tests
...
Accidentally omitted from commit 455b65dfab
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-09-25 13:46:08 +02:00
Dr. Stephen Henson
5886354dcc
Use correct function name: CMS_add1_signer()
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-09-25 00:03:27 +01:00
Andy Polyakov
8b07c005fe
crypto/bn/bn_nist.c: work around MSC ARM compiler bug.
...
RT: 3541
Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-09-25 00:42:26 +02:00
Andy Polyakov
40155f4089
e_os.h: allow inline functions to be compiled by legacy compilers.
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-09-25 00:32:56 +02:00
Rich Salz
92c7846372
RT3544: Remove MWERKS support
...
The following #ifdef tests were all removed:
__MWERKS__
MAC_OS_pre_X
MAC_OS_GUSI_SOURCE
MAC_OS_pre_X
OPENSSL_SYS_MACINTOSH_CLASSIC
OPENSSL_SYS_MACOSX_RHAPSODY
Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-09-24 18:07:29 -04:00
Emilia Kasper
4aac102f75
RT3425: constant-time evp_enc
...
Do the final padding check in EVP_DecryptFinal_ex in constant time to
avoid a timing leak from padding failure.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-24 16:19:18 +02:00
Emilia Kasper
455b65dfab
RT3067: simplify patch
...
(Original commit adb46dbc6d
)
Use the new constant-time methods consistently in s3_srvr.c
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-09-24 15:35:02 +02:00
Emilia Kasper
294d1e36c2
RT3066: rewrite RSA padding checks to be slightly more constant time.
...
Also tweak s3_cbc.c to use new constant-time methods.
Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1
This patch is based on the original RT submission by Adam Langley <agl@chromium.org>,
as well as code from BoringSSL and OpenSSL.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-09-24 12:45:42 +02:00
Emilia Kasper
51b7be8d5f
make update
...
Sync libeay.num from 1.0.2
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
2014-09-23 18:37:23 +02:00
Emilia Kasper
5f85f64f7e
Note i2d_re_X509_tbs and related changes in CHANGES
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit e9128d9401
)
2014-09-23 18:28:10 +02:00
Andy Polyakov
507efe7372
CHANGES: mention ECP_NISTZ256.
...
Reviewed-by: Bodo Moeller <bodo@openssl.org>
2014-09-23 14:54:34 +02:00
Andy Polyakov
4513b1b641
crypto/rsa/rsa_chk.c: harmonize error codes.
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-09-21 23:05:13 +02:00
Andy Polyakov
be07ae9b10
crypto/ecp_nistz256.c: harmonize error codes.
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-09-21 15:56:02 +02:00
Tim Hudson
b5ff559ff9
Fixed error introduced in commit f2be92b94d
...
that fixed PR#3450 where an existing cast masked an issue when i was changed
from int to long in that commit
Picked up on z/linux (s390) where sizeof(int)!=sizeof(long)
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-09-21 21:54:31 +10:00
Andy Polyakov
d475b2a3bf
Harmonize Tru64 and Linux make rules.
...
RT: 3333,3165
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-20 10:20:38 +02:00
Dr. Stephen Henson
16e5b45f72
Fix warning.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-09-20 00:08:56 +01:00
Rich Salz
e8185aea87
RT3291: Add -crl and -revoke options to CA.pl
...
Document the new features
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-09-18 21:45:41 -04:00
Jake Goulding
99b00fd993
RT2301: GetDIBits, not GetBitmapBits in rand_win
...
GetDIBits has been around since Windows2000 and
BitBitmapBits is an old Win16 compatibility function
that is much slower.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-09-18 16:41:31 -04:00
Andy Polyakov
569e2d1257
crypto/bn/asm/x86_64-mont*.pl: add missing clang detection.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-12 00:44:51 +02:00
Andy Polyakov
847147908b
Configure: engage ECP_NISTZ256.
...
RT: 3149
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-12 00:38:57 +02:00
Andy Polyakov
4d3fa06fce
Add ECP_NISTZ256 by Shay Gueron, Intel Corp.
...
RT: 3149
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-12 00:37:41 +02:00
Andy Polyakov
f54be179aa
Reserve option to use BN_mod_exp_mont_consttime in ECDSA.
...
Submitted by Shay Gueron, Intel Corp.
RT: 3149
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-12 00:13:20 +02:00