path: root/crypto
Age | Commit message | Author
2014-01-06 | Prepare for 1.0.0l release (tag: OpenSSL_1_0_0l) | Dr. Stephen Henson
2013-12-20 | Ignore NULL parameter in EVP_MD_CTX_destroy. | Dr. Stephen Henson
(cherry picked from commit a6c62f0c25a756c263a80ce52afbae888028e986)
2013-11-11 | Fix memory leak. | Dr. Stephen Henson
(cherry picked from commit 16bc45ba956fdf07c7cda7feda88de597569df63)
2013-11-09 | Check for missing components in RSA_check. | Dr. Stephen Henson
(cherry picked from commit 01be36ef70525e81fc358d2e559bdd0a0d9427a5)
2013-11-06 | Initialise context before using it. | Dr. Stephen Henson
(cherry picked from commit a4947e4e064d2d5bb622ac64cf13edc4a46ed196)
2013-11-05 | PBKDF2 should be efficient. Contributed by Christian Heimes | Ben Laurie
<christian@python.org>.
Conflicts: crypto/evp/p5_crpt2.c
2013-10-03 | evp/e_des3.c: fix typo with potential integer overflow on 32-bit platforms. | Andy Polyakov
Submitted by: Yuriy Kaminskiy
(cherry picked from commit 524b00c0da42b129ed8622dfb3f5eab9cc5d6617)
Resolved conflicts: crypto/evp/e_des3.c
(cherry picked from commit eb22b7ec7515b42a5865af7b2a1da232ce100e97)
2013-10-01 | Constification. | Ben Laurie
Conflicts: crypto/buffer/buffer.c
2013-09-30 | Typo. | Dr. Stephen Henson
(cherry picked from commit 415ece73015a0e24ea934ecfb857d022952bb65b)
2013-09-16 | Fix overly lenient comparisons: | Bodo Moeller
- EC_GROUP_cmp shouldn't consider curves equal just because the curve name is the same. (They really *should* be the same in this case, but there's an EC_GROUP_set_curve_name API, which could be misused.)
- EC_POINT_cmp shouldn't return 0 for ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED or EC_R_INCOMPATIBLE_OBJECTS errors because in a cmp API, 0 indicates equality (not an error).
Reported by: king cope
(cherry picked from commit 312a46791ab465cfa3bf26764361faed0e5df014)
2013-08-06 | Fix verify loop with CRL checking. | Dr. Stephen Henson
PR #3090
Reported by: Franck Youssef <fry@open.ch>
If no new reason codes are obtained after checking a CRL, exit with an error to avoid repeatedly checking the same CRL. This will only happen if verify errors such as invalid CRL scope are overridden in a callback.
(cherry picked from commit 4b26645c1a71cf9ce489e4f79fc836760b670ffe)
2013-08-06 | Fix for PEM_X509_INFO_read_bio. | Kaspar Brand
PR: 3028
Fix bug introduced in PEM_X509_INFO_bio which wouldn't process RSA keys correctly if they appeared first.
(cherry picked from commit 5ae8d6bcbaff99423a2608559d738a3fcf7ed6dc)
2013-03-31 | Typo. | Dr. Stephen Henson
(cherry picked from commit 0ded2a06891a4d5a207d8f29aa9a89a755158170)
2013-03-18 | x86cpuid.pl: make it work with older CPUs. | Andy Polyakov
PR: 3005
(cherry picked from commit 5702e965d759dde8a098d8108660721ba2b93a7d)
2013-03-18 | Encode INTEGER correctly. | Dr. Stephen Henson
If an ASN1_INTEGER structure is allocated but not explicitly set, encode it as zero: don't generate an invalid zero length INTEGER.
(cherry picked from commit 1643edc63c3e15b6db5a15a728bc288f2cc2bbc7)
2013-02-11 | sparccpuid.S: work around emulator bug on T1. | Andy Polyakov
(cherry picked from commit 3caeef94bd045608af03b061643992e3afd9c445)
2013-02-06 | prepare for next version | Dr. Stephen Henson
2013-02-05 | prepare for release (tag: OpenSSL_1_0_0k) | Dr. Stephen Henson
2013-02-05 | make update | Dr. Stephen Henson
2013-02-05 | bn_word.c: fix overflow bug in BN_add_word. | Andy Polyakov
(cherry picked from commit 134c00659a1bc67ad35a1e4620e16bc4315e6e37)
2013-02-05 | x86_64 assembly pack: keep making Windows build more robust. | Andy Polyakov
PR: 2963 and a number of others
(cherry picked from commit 4568182a8b8cbfd15cbc175189029ac547bd1762)
2013-02-05 | Fixups from previous commit. | Ben Laurie
2013-02-05 | Make CBC decoding constant time. | Ben Laurie
This patch makes the decoding of SSLv3 and TLS CBC records constant time. Without this, a timing side-channel can be used to build a padding oracle and mount Vaudenay's attack.
This patch also disables the stitched AESNI+SHA mode pending a similar fix to that code.
In order to be easy to backport, this change is implemented in ssl/, rather than as a generic AEAD mode. In the future this should be changed around so that HMAC isn't in ssl/, but crypto/ as FIPS expects.
(cherry picked from commit e130841bccfc0bb9da254dc84e23bc6a1c78a64e)
Conflicts: crypto/evp/c_allc.c ssl/ssl_algs.c ssl/ssl_locl.h ssl/t1_enc.c
2013-02-05 | Add and use a constant-time memcmp. | Ben Laurie
This change adds CRYPTO_memcmp, which compares two vectors of bytes in an amount of time that's independent of their contents. It also changes several MAC compares in the code to use this over the standard memcmp, which may leak information about the size of a matching prefix.
(cherry picked from commit 2ee798880a246d648ecddadc5b91367bee4a5d98)
Conflicts: crypto/crypto.h ssl/t1_lib.c
2013-02-05 | Don't try and verify signatures if key is NULL (CVE-2013-0166) | Dr. Stephen Henson
Add additional check to catch this in ASN1_item_verify too.
2013-01-23 | Don't include comp.h in cmd_cd.c if OPENSSL_NO_COMP set | Dr. Stephen Henson
2013-01-22 | x86_64 assembly pack: make Windows build more robust [from master]. | Andy Polyakov
PR: 2963 and a number of others
2013-01-20 | Don't include comp.h if no-comp set. | Dr. Stephen Henson
2012-12-30 | make no-comp compile | Dr. Stephen Henson
2012-12-06 | Fix two bugs which affect delta CRL handling: | Dr. Stephen Henson
Use -1 to check all extensions in CRLs. Always set flag for freshest CRL.
2012-11-29 | PR: 2803 | Dr. Stephen Henson
Submitted by: jean-etienne.schwartz@bull.net
In OCSP_basic_verify return an error if X509_STORE_CTX_init fails.
2012-10-05 | Fix EC_KEY initialization race. | Bodo Möller
Submitted by: Adam Langley
2012-10-04 | Fix warning. | Ben Laurie
2012-10-04 | Fix warning (hope this doesn't break other platforms, there's a twisty | Ben Laurie
little maze of #ifs, all different).
2012-09-24 | Fix Valgrind warning. | Bodo Möller
Submitted by: Adam Langley
2012-09-17 | Fix warning. | Bodo Möller
Submitted by: Chromium Authors
2012-08-17 | sha1-armv4-large.pl: comply with ABI [from HEAD]. | Andy Polyakov
2012-07-05 | Cosmetics: remove duplicate symbol in crypto/symhacks.h | Richard Levitte
2012-07-04 | Cosmetic: Reorder so it's more similar to the Unixly build. | Richard Levitte
2012-07-01 | bss_dgram.c: fix typos in Windows code. | Andy Polyakov
2012-06-27 | x86_64 assembly pack: make it possible to compile with Perl located | Andy Polyakov
on path with spaces [from HEAD].
PR: 2835
2012-06-19 | bss_dgram.c: fix bugs [from HEAD]. | Andy Polyakov
PR: 2833
2012-05-11 | PR: 2813 | Dr. Stephen Henson
Reported by: Constantine Sapuntzakis <csapuntz@gmail.com>
Fix possible deadlock when decoding public keys.
2012-05-10 | prepare for next version | Dr. Stephen Henson
2012-05-10 | prepare for 1.0.0j release (tag: OpenSSL_1_0_0j) | Dr. Stephen Henson
2012-05-10 | Reported by: Solar Designer of Openwall | Dr. Stephen Henson
Make sure tkeylen is initialised properly when encrypting CMS messages.
2012-04-27 | ppccpuid.pl: branch hints in OPENSSL_cleanse impact small block performance | Andy Polyakov
of digest algorithms, mostly SHA, on Power7. Mystery of century, why SHA, why slower algorithms are affected more... [from HEAD].
PR: 2794
Submitted by: Ashley Lai
2012-04-22 | correct error code | Dr. Stephen Henson
2012-04-19 | prepare for next version | Dr. Stephen Henson
2012-04-19 | prepare for 1.0.0i release (tag: OpenSSL_1_0_0i) | Dr. Stephen Henson