Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
Change-Id: Ia7d9ec321d4495bdbdb87e2845e87b8f9319bd55
|
|
|
|
Change-Id: I57424e369a568144838d2a7b8e2ca3a5737adf58
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
|
|
Change-Id: Ie36b37cac23a47c82793df31244ade44f98093fa
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
|
|
Change-Id: Ica9a30d71f52395a402accf32110b52f46851c11
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Change-Id: I2b5f4248ba97b6abbe363a5da33c953e623e0a7e
Signed-off-by: sangsu <sangsu.choi@samsung.com>
|
|
Change-Id: Ib2b4a8546eecf9f4d4a80d8f91b48dbf50bff173
|
|
Change-Id: I565a3e3ac5176f83139175faa2d2a11a334e8908
Signed-off-by: Yury Usishchev <y.usishchev@samsung.com>
|
|
Change-Id: I297624cdcb5d68a3442cdf4666722e66ce7a264b
|
|
Change-Id: Ifa60e86d772dade7afe158c8899e6d36c5561bba
|
|
Change-Id: I99680d38528c4117e59bb5377cc54820b22b93a2
|
|
Reviewed-by: Stephen Henson <steve@openssl.org>
|
|
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
|
|
Reviewed-by: Bodo Möller <bodo@openssl.org>
|
|
CVE-2014-3568
Reviewed-by: Emilia Kasper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
CVE-2014-3567
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 5dc6070a03779cd524f0e67f76c945cb0ac38320)
|
|
Related to CVE-2014-3513
This fix was developed by the OpenSSL Team
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
CVE-2014-3513
This issue was reported to OpenSSL on 26th September 2014, based on an origi
issue and patch developed by the LibreSSL project. Further analysis of the i
was performed by the OpenSSL team.
The fix was developed by the OpenSSL team.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
RT: 3553
Reviewed-by: Emilia Kasper <emilia@openssl.org>
(cherry picked from commit 69d5747f90136aa026a96204f26ab39549dfc69b)
|
|
so the Win32 compile picks it up correctly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
Conflicts:
test/maketests.com
test/tests.com
|
|
The different -I compiler parameters will take care of the rest...
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
spaces do not belong in file names, so when picking out the individual parts, remove the spaces
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
algorithms MD2 and RC5 don't get built.
Also, disable building the test apps in crypto/des and crypto/pkcs7, as
they have no support at all.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
properly built.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
by Zoltan Arpadffy <arpadffy@polarhome.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
compiler supports it. Otherwise, there are warnings about it lacking everywhere, which is quite tedious to read through while trying to check for other warnings.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
SSL_set_SSL_CTX is normally called for SNI after ClientHello has
received and the digest to use for each certificate has been decided.
The original ssl->cert contains the negotiated digests and is now
copied to the new ssl->cert.
PR: 3560
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Patch supplied by Matthieu Patou <mat@matws.net>, and modified to also
remove duplicate definition of PKCS7_type_is_digest.
PR#3551
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit e0fdea3e49e7454aa76bd5ecf3a3747641354c68)
|
|
Reencode DigestInto in DER and check against the original: this
will reject any improperly encoded DigestInfo structures.
Note: this is a precautionary measure, there is no known attack
which can exploit this.
Thanks to Brian Smith for reporting this issue.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Accidentally omitted from commit 455b65dfab0de51c9f67b3c909311770f2b3f801
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit fdc35a9d3e8cf4cfd9330d5df9883f42cf5648ad)
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 5886354dcca4f8445ed35b6995a035b75409590c)
|
|
RT: 3541
Reviewed-by: Emilia Kasper <emilia@openssl.org>
(cherry picked from commit 8b07c005fe006044d0e4a795421447deca3c9f2c)
|
|
Do the final padding check in EVP_DecryptFinal_ex in constant time to
avoid a timing leak from padding failure.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 4aac102f75b517bdb56b1bcfd0a856052d559f6e)
Conflicts:
crypto/evp/evp_enc.c
(cherry picked from commit 738911cde68b2b3706e502cf8daf5b14738f2f42)
|
|
(Original commit adb46dbc6dd7347750df2468c93e8c34bcb93a4b)
Use the new constant-time methods consistently in s3_srvr.c
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 455b65dfab0de51c9f67b3c909311770f2b3f801)
|
|
that bad encryptions are treated like random session keys in constant
time.
(cherry picked from commit adb46dbc6dd7347750df2468c93e8c34bcb93a4b)
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Also tweak s3_cbc.c to use new constant-time methods.
Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1
This patch is based on the original RT submission by Adam Langley <agl@chromium.org>,
as well as code from BoringSSL and OpenSSL.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Conflicts:
crypto/rsa/rsa_oaep.c
|
|
that fixed PR#3450 where an existing cast masked an issue when i was changed
from int to long in that commit
Picked up on z/linux (s390) where sizeof(int)!=sizeof(long)
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit b5ff559ff90124c6fd53bbb49dae5edb4e821e0a)
|
|
If we don't find a signer in the internal list, then fall
through and look at the internal list; don't just return NULL.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit b2aa38a980e9fbf158aafe487fb729c492b241fb)
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit af4c6e348e4bad6303e7d214cdcf2536487aabe4)
|
|
Fix a bug in handling of 128 byte long PSK identity in
psk_client_callback.
OpenSSL supports PSK identities of up to (and including) 128 bytes in
length. PSK identity is obtained via the psk_client_callback,
implementors of which are expected to provide a NULL-terminated
identity. However, the callback is invoked with only 128 bytes of
storage thus making it impossible to return a 128 byte long identity and
the required additional NULL byte.
This CL fixes the issue by passing in a 129 byte long buffer into the
psk_client_callback. As a safety precaution, this CL also zeroes out the
buffer before passing it into the callback, uses strnlen for obtaining
the length of the identity returned by the callback, and aborts the
handshake if the identity (without the NULL terminator) is longer than
128 bytes.
(Original patch amended to achieve strnlen in a different way.)
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit be0d851732bad7370640702bc9c4a33189ede287)
|
|
(cherry picked from commit 2b0180c37fa6ffc48ee40caa831ca398b828e680)
Reviewed-by: Ben Laurie <ben@openssl.org>
|