wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8805 commits 20 branches 302 tags 153 MiB
Commit graph

21 commits

Author SHA1 Message Date
Emilia Kasper
699d78ce98 RT3067: simplify patch 
(Original commit adb46dbc6d)

Use the new constant-time methods consistently in s3_srvr.c

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 455b65dfab)

Conflicts:
	ssl/Makefile
 2014-09-24 16:01:46 +02:00
Emilia Kasper
9b208659aa Constant-time utilities 
Pull constant-time methods out to a separate header, add tests.

Reviewed-by: Bodo Moeller <bodo@openssl.org>
(cherry picked from commit 73729e4cf3)

Conflicts:
	ssl/Makefile
	test/Makefile
 2014-08-28 17:28:42 +02:00
Dr. Stephen Henson
430b637bd5 make update 2013-02-05 16:50:36 +00:00
Ben Laurie
35a65e814b Make CBC decoding constant time. 
This patch makes the decoding of SSLv3 and TLS CBC records constant
time. Without this, a timing side-channel can be used to build a padding
oracle and mount Vaudenay's attack.

This patch also disables the stitched AESNI+SHA mode pending a similar
fix to that code.

In order to be easy to backport, this change is implemented in ssl/,
rather than as a generic AEAD mode. In the future this should be changed
around so that HMAC isn't in ssl/, but crypto/ as FIPS expects.
(cherry picked from commit e130841bcc)

Conflicts:
	crypto/evp/c_allc.c
	ssl/ssl_algs.c
	ssl/ssl_locl.h
	ssl/t1_enc.c
(cherry picked from commit 3622239826698a0e534dcf0473204c724bb9b4b4)

Conflicts:
	ssl/d1_enc.c
	ssl/s3_enc.c
	ssl/s3_pkt.c
	ssl/ssl3.h
	ssl/ssl_algs.c
	ssl/t1_enc.c
 2013-02-05 16:50:32 +00:00
Dr. Stephen Henson
dd28d12add make update 2010-01-20 16:35:30 +00:00
Ben Laurie
c2b78c31d6 First cut of renegotiation extension. 2009-11-08 14:51:54 +00:00
Dr. Stephen Henson
e852835da6 Make update: delete duplicate error code. 2008-09-17 17:11:09 +00:00
Dr. Stephen Henson
52702f6f92 Updates to build system from FIPS branch. Make fipscanisterbuild work and 
build FIPS test programs.
 2008-09-17 15:56:42 +00:00
Dr. Stephen Henson
1af12ff1d1 Fix error code discrepancy. 
Make update.
 2008-09-14 16:43:37 +00:00
Ben Laurie
9c04747623 Make depend. 2007-11-15 13:32:53 +00:00
Ben Laurie
bb99ce5f80 make update, and more DTLS stuff. 2007-10-11 14:36:59 +00:00
Ben Laurie
4f2b7d48b1 make depend 2007-09-19 12:17:11 +00:00
Dr. Stephen Henson
9f85fcefdc Update filenames in makefiles 2006-02-04 01:49:36 +00:00
Nils Larsch
4913b88f70 make 
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
	make all test
work again (+ make update)

PR: 1159
 2005-07-16 11:13:10 +00:00
Richard Levitte
3d37d5e24a Forgottent make update. These files will be retagged. 2005-05-30 23:20:32 +00:00
Richard Levitte
dd890f0776 make update 2005-05-24 03:39:37 +00:00
Andy Polyakov
ce92b6eb9c Further BUILDENV refinement, further fool-proofing of Makefiles and 
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
 2005-05-16 16:55:47 +00:00
Andy Polyakov
81a86fcf17 Fool-proofing Makefiles 2005-05-15 22:23:26 +00:00
Bodo Möller
0d5ea7613e make update 2005-04-26 18:09:21 +00:00
Ben Laurie
36d16f8ee0 Add DTLS support. 2005-04-26 16:02:40 +00:00
Ben Laurie
42ba5d2329 Blow away Makefile.ssl. 2005-03-30 13:05:57 +00:00
Renamed from ssl/Makefile.ssl (Browse further)