Commits · f9b6c0ba4c02497782f801e3c45688f3efaac55c · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

12 Mar, 2014 1 commit

Fix for CVE-2014-0076 · f9b6c0ba

Dr. Stephen Henson authored Mar 12, 2014

Fix for the attack described in the paper "Recovering OpenSSL
ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
by Yuval Yarom and Naomi Benger. Details can be obtained from:
http://eprint.iacr.org/2014/140

Thanks to Yuval Yarom and Naomi Benger for discovering this
flaw and to Yuval Yarom for supplying a fix.
(cherry picked from commit 2198be34)

Conflicts:

	CHANGES

f9b6c0ba

10 Mar, 2014 2 commits
- typo · a029788b
  Dr. Stephen Henson authored Mar 10, 2014
  
  a029788b
- Simplify ssl_add_cert_chain logic. · d628885e
  Dr. Stephen Henson authored Mar 09, 2014
  
  d628885e
07 Mar, 2014 3 commits

Remove -WX option from debug-VC-WIN32 · ab0f8804
Dr. Stephen Henson authored Mar 07, 2014
```
(cherry picked from commit 7a3e67f029969620966b8a627b8485d83692cca5)
```
ab0f8804
engines/ccgost/gosthash.c: simplify and avoid SEGV. · ea38f020
Andy Polyakov authored Mar 07, 2014
```
PR: 3275
```
ea38f020

SPARC T4 assembly pack: treat zero input length in CBC. · 5e44c144

Andy Polyakov authored Mar 07, 2014

The problem is that OpenSSH calls EVP_Cipher, which is not as
protective as EVP_CipherUpdate. Formally speaking we ought to
do more checks in *_cipher methods, including rejecting
lengths not divisible by block size (unless ciphertext stealing
is in place). But for now I implement check for zero length in
low-level based on precedent.

PR: 3087, 2775

5e44c144

06 Mar, 2014 3 commits
- dh_check.c: check BN_CTX_get's return value. · 53e51612
  Andy Polyakov authored Mar 06, 2014
  
  53e51612
- test/Makefile: allow emulated test (e.g. under wine). · 687403fb
  Andy Polyakov authored Mar 06, 2014
```
Submitted by: Roumen Petrov
```
  687403fb
- bss_dgram.c,d1_lib.c: make it compile with mingw. · 972b0dc3
  Andy Polyakov authored Mar 06, 2014
```
Submitted by: Roumen Petrov
```
  972b0dc3
03 Mar, 2014 1 commit
- For self signed root only indicate one error. · 315cd871
  Dr. Stephen Henson authored Mar 03, 2014
```
(cherry picked from commit bdfc0e28)
```
  315cd871
01 Mar, 2014 3 commits

PKCS#8 support for alternative PRFs. · 5693a308

Dr. Stephen Henson authored Feb 28, 2014

Add option to set an alternative to the default hmacWithSHA1 PRF
for PKCS#8 private key encryptions. This is used automatically
by PKCS8_encrypt if the nid specified is a PRF.

Add option to pkcs8 utility.

Update docs.
(cherry picked from commit b60272b0)

5693a308

Fix memory leak. · 01757858
Dr. Stephen Henson authored Feb 28, 2014
```
(cherry picked from commit 124d2188)
```
01757858

Add function to free compression methods. · db7b5e0d

Dr. Stephen Henson authored Feb 28, 2014

Although the memory allocated by compression methods is fixed and
cannot grow over time it can cause warnings in some leak checking
tools. The function SSL_COMP_free_compression_methods() will free
and zero the list of supported compression methods. This should
*only* be called in a single threaded context when an application
is shutting down to avoid interfering with existing contexts
attempting to look up compression methods.
(cherry picked from commit 976c5830)

db7b5e0d

28 Feb, 2014 1 commit
- Makefile.org: fix syntax error on Solaris. · 65370f9b
  Andy Polyakov authored Feb 28, 2014
```
PR: 3271
```
  65370f9b
27 Feb, 2014 5 commits
- Configure: mark unixware target as elf-1. · 4ca02656
  Andy Polyakov authored Feb 27, 2014
  
  4ca02656
- perlasm/x86asm.pl: recognize elf-1 denoting old ELF platforms. · b62a4a1c
  Andy Polyakov authored Feb 27, 2014
  
  b62a4a1c
- perlasm/x86gas.pl: limit special OPENSSL_ia32cap_P treatment to ELF. · ce876d83
  Andy Polyakov authored Feb 27, 2014
  
  ce876d83
- rc4/asm/rc4-586.pl: allow for 386-only build. · f861b1d4
  Andy Polyakov authored Feb 27, 2014
  
  f861b1d4
- des/asm/des-586.pl: shortcut reference to DES_SPtrans. · fd361a67
  Andy Polyakov authored Feb 27, 2014
  
  fd361a67
26 Feb, 2014 5 commits
- CABForum EV OIDs for Subject Jurisdiction of Incorporation or Registration. · 52f71f81
  Rob Stradling authored Feb 25, 2014
  
  52f71f81
- Fix for WIN32 builds with KRB5 · 031ea2d1
  Dr. Stephen Henson authored Feb 26, 2014
```
(cherry picked from commit 3eddd1706a30cdf3dc9278692d8ee9038eac8a0d)
```
  031ea2d1
- sha/asm/sha256-586.pl: don't try to compile SIMD with no-sse2. · d49135e7
  Andy Polyakov authored Feb 26, 2014
  
  d49135e7
- sha/asm/sha512-x86_64.pl: fix compilation error on Solaris. · 147cca8f
  Andy Polyakov authored Feb 26, 2014
  
  147cca8f
- Configure: blended processor target in solaris-x86-cc. · 7bb9d84e
  Andy Polyakov authored Feb 26, 2014
  
  7bb9d84e
25 Feb, 2014 7 commits
- ssl/t1_enc.c: check EVP_MD_CTX_copy return value. · 03da57fe
  Andy Polyakov authored Feb 25, 2014
```
PR: 3201
```
  03da57fe
- aes/asm/vpaes-ppc.pl: fix traceback info. · e704741b
  Andy Polyakov authored Feb 25, 2014
  
  e704741b
- Don't use BN_ULLONG in n2l8 use SCTS_TIMESTAMP. · e0520c65
  Dr. Stephen Henson authored Feb 25, 2014
```
(cherry picked from commit 3678161d)
```
  e0520c65
- Fix for v3_scts.c · 3a325c60
  Dr. Stephen Henson authored Feb 25, 2014
```
Not all platforms define BN_ULLONG. Define SCTS_TIMESTAMP as a type
which should work on all platforms.
(cherry picked from commit 66344167)
```
  3a325c60
- Add -show_chain option to print out verified chain. · 86a2f966
  Dr. Stephen Henson authored Feb 25, 2014
  
  86a2f966
- Avoid Windows 8 Getversion deprecated errors. · a4cc3c80
  Dr. Stephen Henson authored Feb 25, 2014
```
Windows 8 SDKs complain that GetVersion() is deprecated.

We only use GetVersion like this:

	(GetVersion() < 0x80000000)

which checks if the Windows version is NT based. Use a macro check_winnt()
which uses GetVersion() on older SDK versions and true otherwise.
```
  a4cc3c80
- Parse non-v1 SCTs less awkwardly. · 19f65ddb
  Rob Stradling authored Feb 25, 2014
  
  19f65ddb
24 Feb, 2014 4 commits
- ms/do_win64a.bat: forward to NUL, not NUL:. · 63aff300
  Andy Polyakov authored Feb 24, 2014
```
Allegedly formwarding to NUL: sometimes creates NUL file in file
system.

PR: 3250
```
  63aff300
- BC-32.pl: refresh Borland C support. · 779c51c6
  Andy Polyakov authored Feb 24, 2014
```
PR: 3251
Suggested by: Thorsten Schning
```
  779c51c6
- x509/by_dir.c: fix run-away pointer (and potential SEGV) · 758954e0
  Andy Polyakov authored Feb 24, 2014
```
when adding duplicates in add_cert_dir.

PR: 3261
Reported by: Marian Done
```
  758954e0
- config: recognize ARMv8/AArch64 target. · d099f0ed
  Andy Polyakov authored Feb 24, 2014
  
  d099f0ed
23 Feb, 2014 2 commits

Only set current certificate to valid values. · 358d352a
Dr. Stephen Henson authored Feb 23, 2014
```
When setting the current certificate check that it has a corresponding
private key.
```
358d352a

New chain building flags. · 13dc3ce9

Dr. Stephen Henson authored Feb 23, 2014

New flags to build certificate chains. The can be used to rearrange
the chain so all an application needs to do is add all certificates
in arbitrary order and then build the chain to check and correct them.

Add verify error code when building chain.

Update docs.

13dc3ce9

21 Feb, 2014 2 commits
- Option to set current cert to server certificate. · daddd9a9
  Dr. Stephen Henson authored Feb 21, 2014
  
  daddd9a9
- aes/asm/aesni-x86[_64].pl: minor Atom-specific performance tweak. · 214368ff
  Andy Polyakov authored Feb 21, 2014
  
  214368ff
20 Feb, 2014 1 commit
- fix WIN32 warnings · 47739161
  Dr. Stephen Henson authored Feb 20, 2014
```
(cherry picked from commit b709f8ef)
```
  47739161