wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/crypto/rsa
History
Emilia Kasper 96e1015eec RT3066: rewrite RSA padding checks to be slightly more constant time. 
Also tweak s3_cbc.c to use new constant-time methods.
Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1

This patch is based on the original RT submission by Adam Langley <agl@chromium.org>,
as well as code from BoringSSL and OpenSSL.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Conflicts:
	crypto/rsa/rsa_oaep.c
2014-09-24 14:39:44 +02:00
..
.cvsignore Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
Makefile RT3066: rewrite RSA padding checks to be slightly more constant time. 2014-09-24 14:39:44 +02:00
rsa.h RT3066: rewrite RSA padding checks to be slightly more constant time. 2014-09-24 14:39:44 +02:00
rsa_asn1.c Change old obsolete email address... 2008-11-05 18:36:57 +00:00
rsa_chk.c This is a first-cut at improving the callback mechanisms used in 2002-12-08 05:24:31 +00:00
rsa_depr.c backport recent changes from the cvs head 2006-02-08 19:16:33 +00:00
rsa_eay.c Return smaller of ret and f. 2014-07-05 22:39:16 +01:00
rsa_eng.c PR: 2124 2009-12-09 13:41:50 +00:00
rsa_err.c RT3066: rewrite RSA padding checks to be slightly more constant time. 2014-09-24 14:39:44 +02:00
rsa_gen.c Merge public key FIPS code, RSA, DSA, DH. 2008-09-16 14:55:26 +00:00
rsa_lib.c Merge public key FIPS code, RSA, DSA, DH. 2008-09-16 14:55:26 +00:00
rsa_none.c
rsa_null.c Change old obsolete email address... 2008-11-05 18:36:57 +00:00
rsa_oaep.c RT3066: rewrite RSA padding checks to be slightly more constant time. 2014-09-24 14:39:44 +02:00
rsa_pk1.c RT3066: rewrite RSA padding checks to be slightly more constant time. 2014-09-24 14:39:44 +02:00
rsa_pss.c Submitted by: Julia Lawall <julia@diku.dk> 2009-09-13 11:20:38 +00:00
rsa_saos.c Add lots of checks for memory allocation failure, error codes to indicate 2004-12-05 01:03:15 +00:00
rsa_sign.c Bypass algorithm blocking with TLS MD5+SHA1 signature in FIPS mode by 2010-01-27 00:51:24 +00:00
rsa_ssl.c We should check the eight bytes starting at p[-9] for rollback attack 2008-07-17 22:11:24 +00:00
rsa_test.c Make sure we detect corruption. 2007-04-04 12:50:13 +00:00
rsa_x931.c Change old obsolete email address... 2008-11-05 18:36:57 +00:00
rsa_x931g.c PR: 1840 2009-02-14 22:19:31 +00:00