openssl

History

Pauli c0caa945f6 Address a timing side channel whereby it is possible to determine some information about the length of a value used in DSA operations from a large number of signatures. This doesn't rate as a CVE because: * For the non-constant time code, there are easier ways to extract more information. * For the constant time code, it requires a significant number of signatures to leak a small amount of information. Thanks to Neals Fournaise, Eliane Jaulmes and Jean-Rene Reinhard for reporting this issue. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4576)		2017-11-01 15:47:28 +00:00
..
build.info	Make DSA_METHOD opaque	2016-04-03 00:23:56 +01:00
dsa_ameth.c	Remove parentheses of return.	2017-10-18 16:05:06 +01:00
dsa_asn1.c	Remove parentheses of return.	2017-10-18 16:05:06 +01:00
dsa_depr.c	Useless header include of openssl/rand.h	2016-06-18 16:30:24 -04:00
dsa_err.c	make error tables const and separate header file	2017-06-07 15:12:03 -04:00
dsa_gen.c	Fix a possible crash in dsa_builtin_paramgen2.	2017-06-14 09:35:48 -04:00
dsa_key.c	Remove parentheses of return.	2017-10-18 16:05:06 +01:00
dsa_lib.c	Remove parentheses of return.	2017-10-18 16:05:06 +01:00
dsa_locl.h	Act on deprecation of LONG and ZLONG, step 2	2017-04-10 12:11:00 +02:00
dsa_meth.c	Fix some extra or missing whitespaces...	2017-01-25 09:06:34 +00:00
dsa_ossl.c	Address a timing side channel whereby it is possible to determine some	2017-11-01 15:47:28 +00:00
dsa_pmeth.c	Style	2017-01-25 09:06:34 +00:00
dsa_prn.c	Remove parentheses of return.	2017-10-18 16:05:06 +01:00
dsa_sign.c	Remove email addresses from source code.	2017-10-13 10:06:59 -04:00
dsa_vrf.c	Remove email addresses from source code.	2017-10-13 10:06:59 -04:00