Skip to content
  1. Mar 12, 2014
    • Dr. Stephen Henson's avatar
      Fix for CVE-2014-0076 · 2198be34
      Dr. Stephen Henson authored
      Fix for the attack described in the paper "Recovering OpenSSL
      ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
      by Yuval Yarom and Naomi Benger. Details can be obtained from:
      http://eprint.iacr.org/2014/140
      
      Thanks to Yuval Yarom and Naomi Benger for discovering this
      flaw and to Yuval Yarom for supplying a fix.
      2198be34
  2. Mar 10, 2014
  3. Mar 07, 2014
  4. Feb 26, 2014
  5. Feb 25, 2014
  6. Feb 24, 2014
  7. Feb 15, 2014
  8. Feb 14, 2014
    • Kurt Roeckx's avatar
      Use defaults bits in req when not given · d43301b7
      Kurt Roeckx authored
      If you use "-newkey rsa" it's supposed to read the default number of bits from the
      config file.  However the value isn't used to generate the key, but it does
      print it's generating such a key.  The set_keygen_ctx() doesn't call
      EVP_PKEY_CTX_set_rsa_keygen_bits() and you end up with the default set in
      pkey_rsa_init() (1024).  Afterwards the number of bits gets read from the config
      file, but nothing is done with that anymore.
      
      We now read the config first and use the value from the config file when no size
      is given.
      
      PR: 2592
      (cherry picked from commit 33432203)
      d43301b7
    • Kurt Roeckx's avatar
      Fix additional pod errors with numbered items. · 4727d574
      Kurt Roeckx authored
      (cherry picked from commit e547c45f)
      4727d574
    • Scott Schaefer's avatar
      Fix various spelling errors · b815ab21
      Scott Schaefer authored
      (cherry picked from commit 2b4ffc65)
      b815ab21
    • Scott Schaefer's avatar
      Document pkcs12 -password behavior · ffaebdf3
      Scott Schaefer authored
      apps/pkcs12.c accepts -password as an argument.  The document author
      almost certainly meant to write "-password, -passin".
      
      However, that is not correct, either.  Actually the code treats
      -password as equivalent to -passin, EXCEPT when -export is also
      specified, in which case -password as equivalent to -passout.
      (cherry picked from commit 856c6dfb)
      ffaebdf3
  9. Jan 29, 2014
    • Dr. Stephen Henson's avatar
      Clarify docs. · 8e04001f
      Dr. Stephen Henson authored
      Remove reference to ERR_TXT_MALLOCED in the error library as that is
      only used internally. Indicate that returned error data must not be
      freed.
      (cherry picked from commit f2d678e6)
      8e04001f
  10. Jan 28, 2014
  11. Jan 23, 2014
  12. Jan 16, 2014
  13. Jan 11, 2014
  14. Jan 10, 2014
  15. Jan 09, 2014
  16. Jan 06, 2014
  17. Jan 04, 2014
    • Dr. Stephen Henson's avatar
      Restore SSL_OP_MSIE_SSLV2_RSA_PADDING · 1b0d4812
      Dr. Stephen Henson authored
      The flag SSL_OP_MSIE_SSLV2_RSA_PADDING hasn't done anything since OpenSSL
      0.9.7h but deleting it will break source compatibility with any software
      that references it. Restore it but #define to zero.
      (cherry picked from commit b17d6b8d)
      1b0d4812
  18. Jan 02, 2014
  19. Dec 20, 2013
  20. Dec 10, 2013
  21. Dec 09, 2013
  22. Nov 27, 2013
  23. Nov 11, 2013
  24. Nov 09, 2013
  25. Nov 08, 2013
  26. Nov 06, 2013
  27. Nov 05, 2013