openssl/crypto/bn
Dr. Stephen Henson f9b6c0ba4c Fix for CVE-2014-0076
Fix for the attack described in the paper "Recovering OpenSSL
ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
by Yuval Yarom and Naomi Benger. Details can be obtained from:
http://eprint.iacr.org/2014/140

Thanks to Yuval Yarom and Naomi Benger for discovering this
flaw and to Yuval Yarom for supplying a fix.
(cherry picked from commit 2198be3483)

Conflicts:

	CHANGES
2014-03-12 14:29:43 +00:00
..
asm bn/asm/x86_64-mont5.pl: fix compilation error on Solaris. 2014-01-09 13:44:59 +01:00
.cvsignore Update ignores. 2012-12-11 15:52:10 +00:00
bn.h Fix for CVE-2014-0076 2014-03-12 14:29:43 +00:00
bn.mul
bn_add.c Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files 2011-02-03 17:00:24 +00:00
bn_asm.c Experimental symbol renaming to avoid clashes with regular OpenSSL. 2011-02-16 14:40:06 +00:00
bn_blind.c BN_BLINDING multi-threading fix. 2011-10-19 14:59:27 +00:00
bn_const.c Initialize bignum constants using BN_bin2bn() instead of BN_hex2bn(). This 2005-10-05 17:51:43 +00:00
bn_ctx.c Move all FIPSAPI renames into fips.h header file, include early in 2011-01-27 19:10:56 +00:00
bn_depr.c remove accidentally committed debugging cruft. 2003-10-29 05:35:31 +00:00
bn_div.c bn_div.c: remove duplicate code by merging BN_div and BN_div_no_branch. 2011-08-14 11:31:35 +00:00
bn_err.c Add secure DSA nonce flag. 2013-06-13 17:26:07 +01:00
bn_exp.c bn/asm/x86_64-mont5.pl: add MULX/AD*X code path. 2013-12-09 21:02:24 +01:00
bn_exp2.c Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files 2011-02-03 17:00:24 +00:00
bn_gcd.c Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files 2011-02-03 17:00:24 +00:00
bn_gf2m.c don't shadow 2012-03-30 15:43:32 +00:00
bn_kron.c Add missing bn_check_top()s to bn_kron.c, remove some miscellaneous 2003-12-01 23:11:45 +00:00
bn_lcl.h Initial aarch64 bits. 2013-10-13 19:15:15 +02:00
bn_lib.c Fix for CVE-2014-0076 2014-03-12 14:29:43 +00:00
bn_mod.c Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files 2011-02-03 17:00:24 +00:00
bn_mont.c bn_mont.c: get corner cases right in updated BN_from_montgomery_word. 2011-10-17 23:35:00 +00:00
bn_mpi.c Revert the size_t modifications from HEAD that had led to more 2008-11-12 03:58:08 +00:00
bn_mul.c Fix warnings. 2010-06-12 14:13:23 +00:00
bn_nist.c bn_nist.c: work around clang 3.0 bug. 2013-02-14 09:51:41 +01:00
bn_prime.c Ensure that, when generating small primes, the result is actually of the 2013-06-04 18:52:30 +01:00
bn_prime.h Allow for dynamic base in Win64 FIPS module. 2011-09-14 20:48:49 +00:00
bn_prime.pl Minimize stack utilization in probable_prime. 2007-09-18 20:52:05 +00:00
bn_print.c Move BN_options function to bn_print.c to remove dependency for BIO printf 2011-01-25 17:10:30 +00:00
bn_rand.c Add secure DSA nonce flag. 2013-06-13 17:26:07 +01:00
bn_recp.c Version skew reduction: trivia (I hope). 2012-06-03 22:00:21 +00:00
bn_shift.c bn_shift.c: minimize reallocations, which allows BN_FLG_STATIC_DATA to 2011-10-17 17:20:48 +00:00
bn_sqr.c fix warnings when building openssl with the following compiler options: 2005-08-28 22:49:57 +00:00
bn_sqrt.c avoid potential spurious BN_free() 2005-08-23 04:14:40 +00:00
bn_word.c bn_word.c: fix overflow bug in BN_add_word. 2012-11-09 13:58:40 +00:00
bn_x931p.c add X9.31 prime generation routines from 0.9.8 branch 2011-01-09 13:02:14 +00:00
bnspeed.c Code for better build under Darwin (MacOS X). 2001-03-07 10:04:00 +00:00
bntest.c Ensure that, when generating small primes, the result is actually of the 2013-06-04 18:52:30 +01:00
divtest.c Fix to build better with DJGPP. 2002-11-14 11:22:01 +00:00
exp.c - Pseudo-seed the PRNG in programs used for "make test" 2000-01-14 17:55:37 +00:00
expspeed.c Implement fixed-window exponentiation to mitigate hyper-threading 2005-05-16 01:43:31 +00:00
exptest.c Ensure that x**0 mod 1 = 0. 2013-06-04 18:47:11 +01:00
Makefile make depend 2014-02-19 20:09:08 +00:00
rsaz_exp.c crypto/bn/asm/rsaz-x86_64.pl: make it work on Win64. 2013-12-03 22:28:48 +01:00
rsaz_exp.h Take RSAZ modules into build loop, add glue and engage. 2013-07-05 21:39:47 +02:00
todo misspellings fixes by https://github.com/vlajos/misspell_fixer 2013-09-05 21:39:42 +01:00
vms-helper.c Use new-style system-id macros everywhere possible. I hope I haven't 2001-02-20 08:13:47 +00:00