- Oct 15, 2014
-
-
Matt Caswell authored
Related to CVE-2014-3513 This fix was developed by the OpenSSL Team Reviewed-by: Tim Hudson <tjh@openssl.org> Conflicts: util/mkdef.pl util/ssleay.num Conflicts: util/mkdef.pl
-
Matt Caswell authored
CVE-2014-3513 This issue was reported to OpenSSL on 26th September 2014, based on an original issue and patch developed by the LibreSSL project. Further analysis of the issue was performed by the OpenSSL team. The fix was developed by the OpenSSL team. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Bodo Moeller authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Andy Polyakov authored
RT: 3553 Reviewed-by: Emilia Kasper <emilia@openssl.org> (cherry picked from commit 69d5747f)
-
Bodo Moeller authored
handling out of #ifndef OPENSSL_NO_DTLS1 section. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Bodo Moeller authored
TLS_FALLBACK_SCSV support, restoring a reviewed state instead. Reviewed-by: Stephen Henson <(steve@openssl.org)>
-
Bodo Moeller authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Oct 06, 2014
-
-
Matt Caswell authored
Patch supplied by Matthieu Patou <mat@matws.net>, and modified to also remove duplicate definition of PKCS7_type_is_digest. PR#3551 Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit e0fdea3e)
-
Ben Laurie authored
Reviewed-by: Geoffrey Thorpe <geoff@geoffthorpe.net>
-
- Oct 03, 2014
-
-
Rich Salz authored
If data is NULL, return the size needed to hold the derived key. No other API to do this, so document the behavior. Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit 5aed1693)
-
- Oct 02, 2014
-
-
Bodo Moeller authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Sep 30, 2014
-
-
Rich Salz authored
Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 9208640a)
-
Andy Polyakov authored
Reviewed-by: Dr Stephen Henson <steve@openssl.org> (cherry picked from commit 55c7a4cf)
-
- Sep 29, 2014
-
-
Dr. Stephen Henson authored
Reencode DigestInto in DER and check against the original: this will reject any improperly encoded DigestInfo structures. Note: this is a precautionary measure, there is no known attack which can exploit this. Thanks to Brian Smith for reporting this issue. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
- Sep 25, 2014
-
-
Matt Caswell authored
Reviewed-by: Stephen Henson <steve@openssl.org>
-
Matt Caswell authored
Reviewed-by: Stephen Henson <steve@openssl.org>
-
Matt Caswell authored
Reviewed-by: Stephen Henson <steve@openssl.org>
-
Matt Caswell authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
Emilia Kasper authored
Accidentally omitted from commit 455b65df Reviewed-by: Kurt Roeckx <kurt@openssl.org> (cherry picked from commit fdc35a9d)
-
Tim Hudson authored
so the Win32 compile picks it up correctly. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Richard Levitte authored
The different -I compiler parameters will take care of the rest... Reviewed-by: Tim Hudson <tjh@openssl.org>
-
- Sep 24, 2014
-
-
Dr. Stephen Henson authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 5886354d)
-
Andy Polyakov authored
RT: 3541 Reviewed-by: Emilia Kasper <emilia@openssl.org> (cherry picked from commit 8b07c005)
-
Andy Polyakov authored
Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 40155f40)
-
Emilia Kasper authored
Do the final padding check in EVP_DecryptFinal_ex in constant time to avoid a timing leak from padding failure. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 4aac102f) Conflicts: crypto/evp/evp_enc.c
-
Emilia Kasper authored
(Original commit adb46dbc ) Use the new constant-time methods consistently in s3_srvr.c Reviewed-by: Kurt Roeckx <kurt@openssl.org> (cherry picked from commit 455b65df)
-
Adam Langley authored
that bad encryptions are treated like random session keys in constant time. (cherry picked from commit adb46dbc ) Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Emilia Kasper authored
Also tweak s3_cbc.c to use new constant-time methods. Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1 This patch is based on the original RT submission by Adam Langley <agl@chromium.org>, as well as code from BoringSSL and OpenSSL. Reviewed-by: Kurt Roeckx <kurt@openssl.org> Conflicts: crypto/rsa/rsa_oaep.c crypto/rsa/rsa_pk1.c ssl/s3_cbc.c
-
- Sep 23, 2014
-
-
Emilia Kasper authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Emilia Kasper authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Emilia Kasper authored
i2d_re_X509_tbs re-encodes the TBS portion of the certificate. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Dr Stephen Henson <steve@openssl.org> (cherry picked from commit 95b1752c)
-
Emilia Kasper authored
This reverts commit 519ad9b3 . Reviewed-by: Dr Stephen Henson <steve@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Emilia Kasper authored
This reverts commit cacdfcb2 . Conflicts: crypto/x509/x509.h Reviewed-by: Dr Stephen Henson <steve@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Bodo Moeller <bodo@openssl.org> (cherry picked from commit 507efe73)
-
- Sep 21, 2014
-
-
Andy Polyakov authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit be07ae9b)
-
Dr. Stephen Henson authored
Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 16e5b45f)
-
Andy Polyakov authored
RT: 3149 Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
Andy Polyakov authored
RT: 3149 Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 84714790) Resolved conflicts: Configure TABLE
-