openssl/crypto
Ben Laurie f5cd3561ba Add and use a constant-time memcmp.
This change adds CRYPTO_memcmp, which compares two vectors of bytes in
an amount of time that's independent of their contents. It also changes
several MAC compares in the code to use this over the standard memcmp,
which may leak information about the size of a matching prefix.
(cherry picked from commit 2ee798880a)
2013-02-06 13:56:12 +00:00
aes x86_64 assembly pack: make Windows build more robust [from master]. 2013-01-22 22:51:29 +01:00
asn1 initial support for delta CRL generations by diffing two full CRLs 2013-01-17 18:51:50 +00:00
bf Remove hard coded ecdsaWithSHA1 hack in ssl routines and check for RSA 2011-08-14 13:47:30 +00:00
bio bss_dgram.c: fix compilation failure and warning on Windows with 2012-08-14 09:53:41 +00:00
bn bn_word.c: fix overflow bug in BN_add_word. 2013-02-02 22:37:35 +01:00
buffer correct error code 2012-04-22 13:31:19 +00:00
camellia x86_64 assembly pack: make Windows build more robust [from master]. 2013-01-22 22:51:29 +01:00
cast make update 2013-01-15 16:24:07 +00:00
cmac oops, macro not present in OpenSSL 1.0.2 2012-04-11 15:10:48 +00:00
cms Don't include comp.h in cmd_cd.c if OPENSSL_NO_COMP set 2013-01-23 01:11:05 +00:00
comp Assorted bugfixes: 2011-02-03 12:03:57 +00:00
conf PR: 2840 2012-07-03 20:20:11 +00:00
des Intel compiler support update from HEAD. 2012-11-28 13:12:09 +00:00
dh Reduce version skew: trivia (I hope). 2012-06-03 22:03:37 +00:00
dsa DH keys have an (until now) unused 'q' parameter. When creating from DSA copy 2011-11-14 14:16:09 +00:00
dso PR: 2589 2011-09-01 13:52:38 +00:00
ec Fix EC_KEY initialization race. 2012-10-05 20:50:38 +00:00
ecdh Fix EC_KEY initialization race. 2012-10-05 20:50:38 +00:00
ecdsa Fix EC_KEY initialization race. 2012-10-05 20:50:38 +00:00
engine make update 2013-01-15 16:24:07 +00:00
err Don't include comp.h if no-comp set. 2013-01-20 01:10:03 +00:00
evp make update 2013-01-15 16:24:07 +00:00
hmac Experimental multi-implementation support for FIPS capable OpenSSL. 2012-05-13 18:40:12 +00:00
idea make update 2013-01-15 16:24:07 +00:00
jpake apply J-PAKE fix to HEAD (original by Ben) 2010-11-29 18:33:28 +00:00
krb5
lhash Revert lhash patch for PR#2124 2009-12-09 15:00:20 +00:00
md2 Prohibit use of low level digest APIs in FIPS mode. 2011-06-01 13:39:45 +00:00
md4 Fix some clang warnings. 2013-01-13 21:06:36 +00:00
md5 x86_64 assembly pack: make Windows build more robust [from master]. 2013-01-22 22:51:29 +01:00
mdc2 Reduce version skew: trivia (I hope). 2012-06-03 22:03:37 +00:00
modes x86_64 assembly pack: make Windows build more robust [from master]. 2013-01-22 22:51:29 +01:00
objects Fix some clang warnings. 2013-01-13 21:06:36 +00:00
ocsp constify 2013-01-17 16:35:50 +00:00
pem In FIPS mode use PKCS#8 format when writing private keys: 2013-01-07 16:16:43 +00:00
perlasm x86cpuid.pl: hide symbols [backport from x86_64, from HEAD]. 2012-08-29 14:24:18 +00:00
pkcs7 Reduce version skew: trivia (I hope). 2012-06-03 22:03:37 +00:00
pkcs12 Reduce version skew: trivia (I hope). 2012-06-03 22:03:37 +00:00
pqueue Fix warnings (From HEAD, original patch by Ben). 2010-06-15 17:25:15 +00:00
rand PR: 2786 2012-08-22 22:43:03 +00:00
rc2 make update 2013-01-15 16:24:07 +00:00
rc4 x86_64 assembly pack: make Windows build more robust [from master]. 2013-01-22 22:51:29 +01:00
rc5 Intel compiler support update from HEAD. 2012-11-28 13:12:09 +00:00
ripemd Fix some clang warnings. 2013-01-13 21:06:36 +00:00
rsa Add and use a constant-time memcmp. 2013-02-06 13:56:12 +00:00
seed Revert "version skew" patches that break FIPS compilation 2012-06-09 23:36:38 +00:00
sha x86_64 assembly pack: make Windows build more robust [from master]. 2013-01-22 22:51:29 +01:00
srp Reduce version skew: trivia (I hope). 2012-06-03 22:03:37 +00:00
stack Add DTLS-SRTP. 2011-11-15 23:02:16 +00:00
store Make it possible to disable STORE. 2009-02-19 09:42:51 +00:00
threads Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda). 2009-05-15 16:37:08 +00:00
ts New function X509_chain_up_ref to dup and up the reference count of 2012-12-26 16:04:03 +00:00
txt_db Change STRING to OPENSSL_STRING etc as common words such 2009-07-27 21:08:53 +00:00
ui Reduce version skew: trivia (I hope). 2012-06-03 22:03:37 +00:00
whrlpool x86_64 assembly pack: make Windows build more robust [from master]. 2013-01-22 22:51:29 +01:00
x509 initial support for delta CRL generations by diffing two full CRLs 2013-01-17 18:51:50 +00:00
x509v3 Portability fix: use BIO_snprintf and pick up strcasecmp alternative 2012-12-26 23:51:41 +00:00
.cvsignore
alphacpuid.pl Alpha assembler fixed from HEAD. 2011-08-12 12:31:08 +00:00
arm_arch.h ARM assembler pack update from HEAD. 2011-11-14 20:58:01 +00:00
armcap.c ARM assembler pack update from HEAD. 2011-11-14 20:58:01 +00:00
armv4cpuid.S ARM assembler pack update from HEAD. 2011-11-14 20:58:01 +00:00
cpt_err.c Implement FIPS_mode and FIPS_mode_set 2011-05-19 18:19:07 +00:00
cryptlib.c Add and use a constant-time memcmp. 2013-02-06 13:56:12 +00:00
cryptlib.h Reduce version skew: trivia (I hope). 2012-06-03 22:03:37 +00:00
crypto-lib.com Add the missing dh_rfc5114 and evp_cnf. 2012-07-05 13:00:45 +00:00
crypto.h Add and use a constant-time memcmp. 2013-02-06 13:56:12 +00:00
cversion.c
ebcdic.c
ebcdic.h
ex_data.c
fips_err.h Update error codes for FIPS. 2011-10-21 13:04:27 +00:00
fips_ers.c Add FIPS error codes. 2011-06-21 16:58:10 +00:00
ia64cpuid.S IA64 assembler pack update from HEAD. 2011-11-14 20:45:57 +00:00
install-crypto.com Apply all the changes submitted by Steven M. Schweda <sms@antinode.info> 2011-03-19 09:47:47 +00:00
LPdir_nyi.c
LPdir_unix.c
LPdir_vms.c Apply all the changes submitted by Steven M. Schweda <sms@antinode.info> 2011-03-19 09:47:47 +00:00
LPdir_win.c
LPdir_win32.c
LPdir_wince.c
Makefile typo 2011-12-10 01:37:55 +00:00
md32_common.h Intel compiler support update from HEAD. 2012-11-28 13:12:09 +00:00
mem.c Reduce version skew: trivia (I hope). 2012-06-03 22:03:37 +00:00
mem_clr.c
mem_dbg.c PR: 1894 2009-04-16 17:22:51 +00:00
o_dir.c
o_dir.h
o_dir_test.c
o_fips.c call OPENSSL_init when calling FIPS_mode too 2012-04-20 14:43:14 +00:00
o_init.c The first of many changes to make OpenSSL 1.0.1 FIPS capable. 2011-05-26 14:19:19 +00:00
o_str.c Update from HEAD. 2009-06-01 12:14:15 +00:00
o_str.h
o_time.c Apply all the changes submitted by Steven M. Schweda <sms@antinode.info> 2011-03-19 09:47:47 +00:00
o_time.h Experimental new date handling routines. These fix issues with X509_time_adj() 2008-10-07 22:55:27 +00:00
opensslconf.h.in
opensslv.h set version to 1.0.2-dev 2012-03-22 15:29:21 +00:00
ossl_typ.h Backport PSS signature support from HEAD. 2011-10-09 23:13:50 +00:00
pariscid.pl PA-RISC assembler pack update from HEAD. 2011-11-14 20:50:15 +00:00
ppccap.c linux-ppc: make it more robust [from HEAD]. 2012-10-21 18:25:29 +00:00
ppccpuid.pl ppccpuid.pl: branch hints in OPENSSL_cleanse impact small block performance 2012-04-27 20:19:23 +00:00
s390xcap.c s390x assembler pack update from HEAD. 2011-11-14 20:47:22 +00:00
s390xcpuid.S s390x assembler pack update from HEAD. 2011-11-14 20:47:22 +00:00
sparccpuid.S sparcv9cap.c: disengage Solaris-specific CPU detection routine in favour 2010-09-05 19:48:19 +00:00
sparcv9cap.c sparcv9cap.c: omit unused variable. 2012-01-12 14:19:52 +00:00
symhacks.h Added aliases for symbols longer than 31 chars. 2012-07-05 09:08:18 +00:00
uid.c
vms_rms.h Apply all the changes submitted by Steven M. Schweda <sms@antinode.info> 2011-03-19 09:47:47 +00:00
x86_64cpuid.pl x86_64 assembly pack: make Windows build more robust [from master]. 2013-01-22 22:51:29 +01:00
x86cpuid.pl x86cpuid.pl: hide symbols [backport from x86_64, from HEAD]. 2012-08-29 14:24:18 +00:00