Commits · 294d1e36c2495ff00e697c9ff622856d3114f14f · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

Sep 24, 2014

RT3066: rewrite RSA padding checks to be slightly more constant time. · 294d1e36

Emilia Kasper authored Aug 28, 2014



Also tweak s3_cbc.c to use new constant-time methods.
Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1

This patch is based on the original RT submission by Adam Langley <agl@chromium.org>,
as well as code from BoringSSL and OpenSSL.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

294d1e36

Sep 23, 2014
- make update · 51b7be8d
  Emilia Kasper authored Sep 23, 2014
```
Sync libeay.num from 1.0.2

Reviewed-by: Dr Stephen Henson <steve@openssl.org>
```
  51b7be8d
- Note i2d_re_X509_tbs and related changes in CHANGES · 5f85f64f
  Emilia Kasper authored Sep 23, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit e9128d94)
```
  5f85f64f
- CHANGES: mention ECP_NISTZ256. · 507efe73
  Andy Polyakov authored Sep 23, 2014
```
Reviewed-by: Bodo Moeller <bodo@openssl.org>
```
  507efe73
Sep 21, 2014

crypto/rsa/rsa_chk.c: harmonize error codes. · 4513b1b6
Andy Polyakov authored Sep 21, 2014
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
4513b1b6
crypto/ecp_nistz256.c: harmonize error codes. · be07ae9b
Andy Polyakov authored Sep 21, 2014
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
be07ae9b

Fixed error introduced in commit · b5ff559f

Tim Hudson authored Sep 21, 2014


that fixed PR#3450 where an existing cast masked an issue when i was changed
from int to long in that commit

Picked up on z/linux (s390) where sizeof(int)!=sizeof(long)

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

b5ff559f

Sep 20, 2014
- Harmonize Tru64 and Linux make rules. · d475b2a3
  Andy Polyakov authored Sep 20, 2014
```
RT: 3333,3165
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  d475b2a3
Sep 19, 2014
- Fix warning. · 16e5b45f
  Dr. Stephen Henson authored Sep 19, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  16e5b45f
- RT3291: Add -crl and -revoke options to CA.pl · e8185aea
  Rich Salz authored Sep 18, 2014
```
Document the new features

Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  e8185aea
Sep 18, 2014

RT2301: GetDIBits, not GetBitmapBits in rand_win · 99b00fd9

Jake Goulding authored Sep 05, 2014



GetDIBits has been around since Windows2000 and
BitBitmapBits is an old Win16 compatibility function
that is much slower.

Reviewed-by: Tim Hudson <tjh@openssl.org>

99b00fd9

Sep 11, 2014
- crypto/bn/asm/x86_64-mont*.pl: add missing clang detection. · 569e2d12
  Andy Polyakov authored Sep 12, 2014
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  569e2d12
- Configure: engage ECP_NISTZ256. · 84714790
  Andy Polyakov authored Sep 12, 2014
```
RT: 3149

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  84714790
- Add ECP_NISTZ256 by Shay Gueron, Intel Corp. · 4d3fa06f
  Andy Polyakov authored Sep 12, 2014
```
RT: 3149

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  4d3fa06f
- Reserve option to use BN_mod_exp_mont_consttime in ECDSA. · f54be179
  Andy Polyakov authored Sep 12, 2014
```
Submitted by Shay Gueron, Intel Corp.
RT: 3149

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  f54be179
- perlasm/x86_64-xlate.pl: handle inter-bank movd. · 902b30df
  Andy Polyakov authored Sep 12, 2014
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  902b30df
- RT2772 update: c_rehash was broken · 6f46c3c3
  Rich Salz authored Sep 11, 2014
```
Move the readdir() lines out of the if statement, so
that flist is available globally.

Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  6f46c3c3
Sep 10, 2014

RT3271 update; extra; semi-colon; confuses; some; · cb4bb56b
Rich Salz authored Sep 10, 2014
```
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
```
cb4bb56b

RT2560: missing NULL check in ocsp_req_find_signer · b2aa38a9

Rich Salz authored Sep 10, 2014



If we don't find a signer in the internal list, then fall
through and look at the internal list; don't just return NULL.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

b2aa38a9

Sep 09, 2014

RT2196: Clear up some README wording · 468ab1c2

Rich Salz authored Sep 09, 2014



Say where to email bug reports.
Mention general RT tracker info in a separate paragraph.

Reviewed-by: Tim Hudson <tjh@openssl.org>

468ab1c2

RT3192: spurious error in DSA verify · eb63bce0

Matt Caswell authored Sep 09, 2014



This is funny; Ben commented in the source, Matt opend a ticket,
and Rich is doing the submit.  Need more code-review? :)

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

eb63bce0

Merge branch 'master' of git.openssl.org:openssl · c939cca1

Rich Salz authored Sep 09, 2014



Previous commit was reviewed by Geoff, not Stephen:
Reviewed-by: Geoff Thorpe <geoff@openssl.org>

c939cca1

RT3271: Don't use "if !" in shell lines · 843921f2

Rich Salz authored Sep 09, 2014



For portability don't use "if ! expr"

Reviewed-by: Geoff Thorpe <geoff@openssl.org>

843921f2

RT3271: Don't use "if !" in shell lines · b999f66e

Rich Salz authored Sep 09, 2014



For portability don't use "if ! expr"

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

b999f66e

RT1909: Omit version for v1 certificates · 1f18f50c

Geoff Keating authored Sep 09, 2014



When calling X509_set_version to set v1 certificate, that
should mean that the version number field is omitted.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

1f18f50c

RT3506: typo's in ssltest · 4eadd11c
Kurt Cancemi authored Sep 09, 2014
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
4eadd11c

Sep 08, 2014

RT2841: Extra return in check_issued · 4cd1119d
Paul Suhler authored Sep 08, 2014
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
4cd1119d

RT2626: Change default_bits from 1K to 2K · 44e0c2ba

Kurt Roeckx authored Sep 08, 2014



This is a more comprehensive fix.  It changes all
keygen apps to use 2K keys. It also changes the
default to use SHA256 not SHA1.  This is from
Kurt's upstream Debian changes.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>

44e0c2ba

RT2600: Change Win line-endings to Unix. · 5f855569
Rich Salz authored Sep 08, 2014
```
For consistency.

Reviewed-by: Bodo Moeller <bodo@openssl.org>
```
5f855569

RT2272: Add old-style hash to c_rehash · a787c259

Matthias Andree authored Sep 07, 2014



In addition to Matthias's change, I also added -n to
not remove links. And updated the manpage.

Reviewed-by: Tim Hudson <tjh@openssl.org>

a787c259

RT671: export(i2s|s2i|i2v|v2i)_ASN1_(IA5|BIT)STRING · 6452a139

Bjoern Zeeb authored Aug 14, 2014



The EXT_BITSTRING and EXT_IA5STRING are defined in x509v3.h, but
the low-level functions are not public. They are useful, no need
to make them static. Note that BITSTRING already was exposed since
this RT was created, so now we just export IA5STRING functions.

Reviewed-by: Tim Hudson <tjh@openssl.org>

6452a139

RT468: SSL_CTX_sess_set_cache_size wrong · e9edfc41

Rich Salz authored Sep 03, 2014



The documentation is wrong about what happens when the
session cache fills up.

Reviewed-by: Tim Hudson <tjh@openssl.org>

e9edfc41

RT3301: Discard too-long heartbeat requests · af4c6e34
Erik Auerswald authored Aug 26, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
af4c6e34

RT3291: Add -crl and -revoke options to CA.pl · 98ecf60b

Dario B authored Sep 04, 2014



I added some error-checking while integrating this patch.

Reviewed-by: Tim Hudson <tjh@openssl.org>

98ecf60b

RT2518: fix pod2man errors · fe757304

Scott Schaefer authored Aug 13, 2014



pod2man now complains when item tags are not sequential.
Also complains about missing =back and other tags.
Silence the warnings; most were already done.

Reviewed-by: Tim Hudson <tjh@openssl.org>

fe757304

RT992: RSA_check_key should have a callback arg · 2afb29b4

Rich Salz authored Aug 14, 2014



The original RT request included a patch.  By the time
we got around to doing it, however, the callback scheme
had changed. So I wrote a new function RSA_check_key_ex()
that uses the BN_GENCB callback.  But thanks very much
to Vinet Sharma <vineet.sharma@gmail.com> for the
initial implementation.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

2afb29b4

RT3108: OPENSSL_NO_SOCK should imply OPENSSL_NO_DGRAM · be0bd11d
Rich Salz authored Sep 04, 2014
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
be0bd11d

RT3031: Need to #undef some names for win32 · 83e4e03e

Robin Lee authored Sep 04, 2014



Copy the ifdef/undef stanza from x509.h to x509v3.h

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

83e4e03e

RT2849: Redundant check of "dsa" variable. · 3173622e

Rich Salz authored Sep 04, 2014



In the current code, the check isn't redundant.
And in fact the REAL check was missing.
This avoids a NULL-deref crash.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

3173622e

RT2843: Remove another spurious close-comment token · 683cd7c9
Martin Olsson authored Sep 04, 2014
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
683cd7c9