Commits · 1cfd255c9123cdb4637cc9a65c6665fe4a06c6d5 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Sep 29, 2014

Add additional DigestInfo checks. · 1cfd255c

Dr. Stephen Henson authored Sep 25, 2014



Reencode DigestInto in DER and check against the original: this
will reject any improperly encoded DigestInfo structures.

Note: this is a precautionary measure, there is no known attack
which can exploit this.

Thanks to Brian Smith for reporting this issue.
Reviewed-by: Tim Hudson <tjh@openssl.org>

1cfd255c

Sep 25, 2014

Remove #ifdef's for IRIX_CC_BUG · 3d81ec5b
Rich Salz authored Sep 25, 2014
```
Reviewed-by: Andy Polyakov <appro@openssl.org>
```
3d81ec5b

RT3544: Must update TABLE after Configure change · 008bef52

Rich Salz authored Sep 25, 2014



Also add comment to Configure reminding people to do that.

Reviewed-by: Andy Polyakov <appro@openssl.org>

008bef52

Add missing tests · fdc35a9d

Emilia Kasper authored Sep 25, 2014

Accidentally omitted from commit 455b65df



Reviewed-by: Kurt Roeckx <kurt@openssl.org>

fdc35a9d

Sep 24, 2014

Use correct function name: CMS_add1_signer() · 5886354d
Dr. Stephen Henson authored Sep 20, 2014
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
5886354d
crypto/bn/bn_nist.c: work around MSC ARM compiler bug. · 8b07c005
Andy Polyakov authored Sep 25, 2014
```
RT: 3541
Reviewed-by: Emilia Kasper <emilia@openssl.org>
```
8b07c005
e_os.h: allow inline functions to be compiled by legacy compilers. · 40155f40
Andy Polyakov authored Sep 25, 2014
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
40155f40

RT3544: Remove MWERKS support · 92c78463

Rich Salz authored Sep 24, 2014



The following #ifdef tests were all removed:
	__MWERKS__
	MAC_OS_pre_X
	MAC_OS_GUSI_SOURCE
	MAC_OS_pre_X
	OPENSSL_SYS_MACINTOSH_CLASSIC
	OPENSSL_SYS_MACOSX_RHAPSODY

Reviewed-by: Andy Polyakov <appro@openssl.org>

92c78463

RT3425: constant-time evp_enc · 4aac102f

Emilia Kasper authored Sep 05, 2014



Do the final padding check in EVP_DecryptFinal_ex in constant time to
avoid a timing leak from padding failure.

Reviewed-by: Rich Salz <rsalz@openssl.org>

4aac102f

RT3067: simplify patch · 455b65df

Emilia Kasper authored Sep 04, 2014

(Original commit adb46dbc

)

Use the new constant-time methods consistently in s3_srvr.c

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

455b65df

RT3066: rewrite RSA padding checks to be slightly more constant time. · 294d1e36

Emilia Kasper authored Aug 28, 2014



Also tweak s3_cbc.c to use new constant-time methods.
Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1

This patch is based on the original RT submission by Adam Langley <agl@chromium.org>,
as well as code from BoringSSL and OpenSSL.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

294d1e36

Sep 23, 2014

make update · 51b7be8d

Emilia Kasper authored Sep 23, 2014



Sync libeay.num from 1.0.2

Reviewed-by: Dr Stephen Henson <steve@openssl.org>

51b7be8d

Note i2d_re_X509_tbs and related changes in CHANGES · 5f85f64f

Emilia Kasper authored Sep 23, 2014



Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit e9128d9401ad617e17c5eb3772512c24b038b967)

5f85f64f

CHANGES: mention ECP_NISTZ256. · 507efe73
Andy Polyakov authored Sep 23, 2014
```
Reviewed-by: Bodo Moeller <bodo@openssl.org>
```
507efe73

Sep 21, 2014

crypto/rsa/rsa_chk.c: harmonize error codes. · 4513b1b6
Andy Polyakov authored Sep 21, 2014
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
4513b1b6
crypto/ecp_nistz256.c: harmonize error codes. · be07ae9b
Andy Polyakov authored Sep 21, 2014
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
be07ae9b

Fixed error introduced in commit · b5ff559f

Tim Hudson authored Sep 21, 2014


that fixed PR#3450 where an existing cast masked an issue when i was changed
from int to long in that commit

Picked up on z/linux (s390) where sizeof(int)!=sizeof(long)

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

b5ff559f

Sep 20, 2014
- Harmonize Tru64 and Linux make rules. · d475b2a3
  Andy Polyakov authored Sep 20, 2014
```
RT: 3333,3165
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  d475b2a3
Sep 19, 2014
- Fix warning. · 16e5b45f
  Dr. Stephen Henson authored Sep 19, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  16e5b45f
- RT3291: Add -crl and -revoke options to CA.pl · e8185aea
  Rich Salz authored Sep 18, 2014
```
Document the new features

Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  e8185aea
Sep 18, 2014

RT2301: GetDIBits, not GetBitmapBits in rand_win · 99b00fd9

Jake Goulding authored Sep 05, 2014



GetDIBits has been around since Windows2000 and
BitBitmapBits is an old Win16 compatibility function
that is much slower.

Reviewed-by: Tim Hudson <tjh@openssl.org>

99b00fd9

Sep 11, 2014
- crypto/bn/asm/x86_64-mont*.pl: add missing clang detection. · 569e2d12
  Andy Polyakov authored Sep 12, 2014
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  569e2d12
- Configure: engage ECP_NISTZ256. · 84714790
  Andy Polyakov authored Sep 12, 2014
```
RT: 3149

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  84714790
- Add ECP_NISTZ256 by Shay Gueron, Intel Corp. · 4d3fa06f
  Andy Polyakov authored Sep 12, 2014
```
RT: 3149

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  4d3fa06f
- Reserve option to use BN_mod_exp_mont_consttime in ECDSA. · f54be179
  Andy Polyakov authored Sep 12, 2014
```
Submitted by Shay Gueron, Intel Corp.
RT: 3149

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  f54be179
- perlasm/x86_64-xlate.pl: handle inter-bank movd. · 902b30df
  Andy Polyakov authored Sep 12, 2014
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  902b30df
- RT2772 update: c_rehash was broken · 6f46c3c3
  Rich Salz authored Sep 11, 2014
```
Move the readdir() lines out of the if statement, so
that flist is available globally.

Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  6f46c3c3
Sep 10, 2014

RT3271 update; extra; semi-colon; confuses; some; · cb4bb56b
Rich Salz authored Sep 10, 2014
```
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
```
cb4bb56b

RT2560: missing NULL check in ocsp_req_find_signer · b2aa38a9

Rich Salz authored Sep 10, 2014



If we don't find a signer in the internal list, then fall
through and look at the internal list; don't just return NULL.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

b2aa38a9

Sep 09, 2014

RT2196: Clear up some README wording · 468ab1c2

Rich Salz authored Sep 09, 2014



Say where to email bug reports.
Mention general RT tracker info in a separate paragraph.

Reviewed-by: Tim Hudson <tjh@openssl.org>

468ab1c2

RT3192: spurious error in DSA verify · eb63bce0

Matt Caswell authored Sep 09, 2014



This is funny; Ben commented in the source, Matt opend a ticket,
and Rich is doing the submit.  Need more code-review? :)

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

eb63bce0

Merge branch 'master' of git.openssl.org:openssl · c939cca1

Rich Salz authored Sep 09, 2014



Previous commit was reviewed by Geoff, not Stephen:
Reviewed-by: Geoff Thorpe <geoff@openssl.org>

c939cca1

RT3271: Don't use "if !" in shell lines · 843921f2

Rich Salz authored Sep 09, 2014



For portability don't use "if ! expr"

Reviewed-by: Geoff Thorpe <geoff@openssl.org>

843921f2

RT3271: Don't use "if !" in shell lines · b999f66e

Rich Salz authored Sep 09, 2014



For portability don't use "if ! expr"

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

b999f66e

RT1909: Omit version for v1 certificates · 1f18f50c

Geoff Keating authored Sep 09, 2014



When calling X509_set_version to set v1 certificate, that
should mean that the version number field is omitted.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

1f18f50c

RT3506: typo's in ssltest · 4eadd11c
Kurt Cancemi authored Sep 09, 2014
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
4eadd11c

Sep 08, 2014

RT2841: Extra return in check_issued · 4cd1119d
Paul Suhler authored Sep 08, 2014
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
4cd1119d

RT2626: Change default_bits from 1K to 2K · 44e0c2ba

Kurt Roeckx authored Sep 08, 2014



This is a more comprehensive fix.  It changes all
keygen apps to use 2K keys. It also changes the
default to use SHA256 not SHA1.  This is from
Kurt's upstream Debian changes.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>

44e0c2ba

RT2600: Change Win line-endings to Unix. · 5f855569
Rich Salz authored Sep 08, 2014
```
For consistency.

Reviewed-by: Bodo Moeller <bodo@openssl.org>
```
5f855569

RT2272: Add old-style hash to c_rehash · a787c259

Matthias Andree authored Sep 07, 2014



In addition to Matthias's change, I also added -n to
not remove links. And updated the manpage.

Reviewed-by: Tim Hudson <tjh@openssl.org>

a787c259