Commits · e14b8410ca882da8e9579a2d928706f894c8e1ae · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Mar 19, 2013
- Disable compression for DTLS. · e14b8410
  Dr. Stephen Henson authored Mar 19, 2013
```
The only standard compression method is stateful and is incompatible with
DTLS.
```
  e14b8410
Mar 18, 2013
- x86cpuid.pl: make it work with older CPUs. · 2a1ab7b4
  Andy Polyakov authored Mar 04, 2013
```
PR: 3005
(cherry picked from commit 5702e965)
```
  2a1ab7b4
- e_aes_cbc_hmac_sha1.c: fix rare bad record mac on AES-NI plaforms. · dd1e4fbc
  Andy Polyakov authored Mar 18, 2013
```
PR: 3002
(cherry picked from commit 5c600465)
```
  dd1e4fbc
- Avoid unnecessary fragmentation. · 3f84d34c
  Michael Tuexen authored Mar 18, 2013
```
(cherry picked from commit 80ccc66d)
```
  3f84d34c
- Encode INTEGER correctly. · d7e429b9
  Dr. Stephen Henson authored Mar 18, 2013
```
If an ASN1_INTEGER structure is allocated but not explicitly set encode
it as zero: don't generate an invalid zero length INTEGER.
(cherry picked from commit 1643edc6)
```
  d7e429b9
- Typo. · 155ef13c
  Dr. Stephen Henson authored Mar 18, 2013
```
(cherry picked from commit 1546fb78)
```
  155ef13c
Mar 04, 2013
- Update ordinals. · c3466040
  Dr. Stephen Henson authored Mar 04, 2013
  
  c3466040
Mar 01, 2013
- x86_64-gf2m.pl: fix typo. · 2d9be794
  Andy Polyakov authored Mar 01, 2013
```
(cherry picked from commit 342dbbbe)
```
  2d9be794
- x86_64-gf2m.pl: add missing Windows build fix for #2963. · 2e4b7eed
  Andy Polyakov authored Mar 01, 2013
```
PR: 3004
(cherry picked from commit 7c43601d)
```
  2e4b7eed
Feb 26, 2013

Add function CMS_RecipientInfo_encrypt · e1dee801

Dr. Stephen Henson authored Feb 26, 2013

Add CMS_RecipientInfo_encrypt: this function encrypts an existing content
encryption key to match the key in the RecipientInfo structure: this is
useful if a new recpient is added to and existing enveloped data structure.

Add documentation.
(cherry picked from commit e1f1d28f)

e1dee801

Fix error codes. · 3c53fd89
Dr. Stephen Henson authored Feb 26, 2013
```
(cherry picked from commit 388aff08)
```
3c53fd89

Demo code for SSL_CONF API · c46990b1

Dr. Stephen Henson authored Feb 26, 2013

Two example programs one for command line argument processing and
one for configuration file processing.
(cherry picked from commit 3646578a)

c46990b1

Update SSL_CONF docs. · 1510b1f4

Dr. Stephen Henson authored Feb 26, 2013

Fix some typos and update version number first added: it has now been
backported to OpenSSL 1.0.2.
(cherry picked from commit 4365e4aa)

1510b1f4

Feb 25, 2013

New -force_pubkey option to x509 utility to supply a different public · f8a69166

Dr. Stephen Henson authored Oct 07, 2011

key to the one in a request. This is useful for cases where the public
key cannot be used for signing e.g. DH.
(cherry picked from commit 43206a2d)

f8a69166

Feb 16, 2013
- bn_nist.c: work around clang 3.0 bug. · b9eef988
  Andy Polyakov authored Feb 14, 2013
```
(cherry picked from commit 750398ac)
```
  b9eef988
Feb 15, 2013

Fix POD errors to stop make install_docs dying with pod2man 2.5.0+ · ae5c1ca3

Nick Alcock authored Feb 15, 2013

podlators 2.5.0 has switched to dying on POD syntax errors. This means
that a bunch of long-standing erroneous POD in the openssl documentation
now leads to fatal errors from pod2man, halting installation.

Unfortunately POD constraints mean that you have to sort numeric lists
in ascending order if they start with 1: you cannot do 1, 0, 2 even if
you want 1 to appear first. I've reshuffled such (alas, I wish there
were a better way but I don't know of one).
(cherry picked from commit 5cc27077)

ae5c1ca3

Feb 14, 2013
- cms-test.pl: make it work with not-so-latest perl. · 188ab7df
  Andy Polyakov authored May 16, 2011
```
(cherry picked from commit 9c437e2f)
```
  188ab7df
Feb 12, 2013

Upate FAQ. · 2e3d02fe

Dr. Stephen Henson authored Feb 12, 2013

Add description of "allocate and encode" operation for ASN1 routines.

Document how versioning will for after the letter release reaches
y.
(cherry picked from commit 2527b94f)

2e3d02fe

Check DTLS_BAD_VER for version number. · 3a3a1af1

David Woodhouse authored Feb 12, 2013

The version check for DTLS1_VERSION was redundant as
DTLS1_VERSION > TLS1_1_VERSION, however we do need to
check for DTLS1_BAD_VER for compatibility.

PR:2984
(cherry picked from commit d980abb2)

3a3a1af1

Feb 11, 2013
- Fix in ssltest is no-ssl2 configured · 0ced72c6
  Dr. Stephen Henson authored Feb 11, 2013
```
(cherry picked from commit cbf9b4ae)
```
  0ced72c6
- FAQ/README: we are now using Git instead of CVS · 5584a954
  Lutz Jaenicke authored Feb 11, 2013
```
(cherry picked from commit f88dbb83)
```
  5584a954
- sparccpuid.S: work around emulator bug on T1. · a3e66779
  Andy Polyakov authored Feb 11, 2013
```
(cherry picked from commit 3caeef94)
```
  a3e66779
Feb 08, 2013

s3_cbc.c: make CBC_MAC_ROTATE_IN_PLACE universal. · 919eab8a
Andy Polyakov authored Feb 08, 2013
```
(cherry picked from commit f93a4187)
```
919eab8a
s3_cbc.c: get rid of expensive divisions [from master]. · e9baceab
Andy Polyakov authored Feb 08, 2013

e9baceab
ssl/[d1|s3]_pkt.c: harmomize orig_len handling. · b05561c4
Andy Polyakov authored Feb 07, 2013
```
(cherry picked from commit 8545f73b)
```
b05561c4

Fix IV check and padding removal. · b7355af4

Dr. Stephen Henson authored Feb 07, 2013

Fix the calculation that checks there is enough room in a record
after removing padding and optional explicit IV. (by Steve)

For AEAD remove the correct number of padding bytes (by Andy)
(cherry picked from commit 32cc2479)

b7355af4

Fix for EXP-RC2-CBC-MD5 · 0462eedf

Adam Langley authored Feb 06, 2013

MD5 should use little endian order. Fortunately the only ciphersuite
affected is EXP-RC2-CBC-MD5 (TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5) which
is a rarely used export grade ciphersuite.
(cherry picked from commit f306b87d)

0462eedf

e_aes_cbc_hmac_sha1.c: align calculated MAC at cache line. · 82425f2c
Andy Polyakov authored Feb 08, 2013
```
It also ensures that valgring is happy.
(cherry picked from commit 2141e6f3)
```
82425f2c

Feb 06, 2013

e_aes_cbc_hmac_sha1.c: cleanse temporary copy of HMAC secret. · af010edd
Andy Polyakov authored Feb 03, 2013
```
(cherry picked from commit 529d27ea)
```
af010edd
e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues. · 5966f4d9
Andy Polyakov authored Feb 02, 2013
```
Address CBC decrypt timing issues and reenable the AESNI+SHA1 stitch.
(cherry picked from commit 125093b5)
```
5966f4d9

ssl/*: remove SSL3_RECORD->orig_len to restore binary compatibility. · eeb486a5

Andy Polyakov authored Feb 01, 2013

Kludge alert. This is arranged by passing padding length in unused
bits of SSL3_RECORD->type, so that orig_len can be reconstructed.
(cherry picked from commit 8bfd4c65)

eeb486a5

Don't access EVP_MD_CTX internals directly. · d7f55e76
Dr. Stephen Henson authored Feb 01, 2013
```
(cherry picked from commit 04e45b52)
```
d7f55e76
s3/s3_cbc.c: allow for compilations with NO_SHA256|512. · 7d9e781a
Andy Polyakov authored Feb 01, 2013
```
(cherry picked from commit d5371324)
```
7d9e781a

ssl/s3_cbc.c: md_state alignment portability fix. · e0c21a0b

Andy Polyakov authored Feb 01, 2013

RISCs are picky and alignment granted by compiler for md_state can be
insufficient for SHA512.
(cherry picked from commit 36260233)

e0c21a0b

ssl/s3_cbc.c: uint64_t portability fix. · 1dfb4b94

Andy Polyakov authored Feb 01, 2013

Break dependency on uint64_t. It's possible to declare bits as
unsigned int, because TLS packets are limited in size and 32-bit
value can't overflow.
(cherry picked from commit cab13fc8)

1dfb4b94

typo. · e5cb7743
Dr. Stephen Henson authored Jan 31, 2013
```
(cherry picked from commit 34ab3c8c)
```
e5cb7743
Add ordinal for CRYPTO_memcmp: since this will affect multiple · 73390e6b
Dr. Stephen Henson authored Jan 31, 2013
```
branches it needs to be in a "gap".
(cherry picked from commit 81ce0e14)
```
73390e6b

Timing fix mitigation for FIPS mode. · d91d9acc

Dr. Stephen Henson authored Jan 29, 2013

We have to use EVP in FIPS mode so we can only partially mitigate
timing differences.

Make an extra call to EVP_DigestSignUpdate to hash additonal blocks
to cover any timing differences caused by removal of padding.
(cherry picked from commit b908e88e)

d91d9acc

Oops. Add missing file. · 820988a0
Ben Laurie authored Jan 28, 2013
```
(cherry picked from commit 014265eb)
```
820988a0

Update DTLS code to match CBC decoding in TLS. · 1326a64a

Ben Laurie authored Jan 28, 2013

This change updates the DTLS code to match the constant-time CBC
behaviour in the TLS.
(cherry picked from commit 9f27de17)

1326a64a