1. 08 1月, 2016 1 次提交
  2. 01 12月, 2015 1 次提交
  3. 26 11月, 2015 1 次提交
    • M
      Tighten up BN_with_flags usage and avoid a reachable assert · fd7d2520
      Matt Caswell 提交于
      The function rsa_ossl_mod_exp uses the function BN_with_flags to create a
      temporary copy (local_r1) of a BIGNUM (r1) with modified flags. This
      temporary copy shares some state with the original r1. If the state of r1
      gets updated then local_r1's state will be stale. This was occurring in the
      function so that when local_r1 was freed a call to bn_check_top was made
      which failed an assert due to the stale state. To resolve this we must free
      local_r1 immediately after we have finished using it and not wait until the
      end of the function.
      
      This problem prompted a review of all BN_with_flag usage within the
      codebase. All other usage appears to be correct, although often not
      obviously so. This commit refactors things to make it much clearer for
      these other uses.
      Reviewed-by: NEmilia Käsper <emilia@openssl.org>
      fd7d2520
  4. 10 11月, 2015 1 次提交
  5. 04 9月, 2015 1 次提交
  6. 28 8月, 2015 1 次提交
  7. 26 8月, 2015 1 次提交
  8. 11 8月, 2015 1 次提交
  9. 23 7月, 2015 1 次提交
  10. 24 6月, 2015 1 次提交
  11. 14 5月, 2015 1 次提交
  12. 06 5月, 2015 1 次提交
  13. 05 5月, 2015 1 次提交
    • R
      Use safer sizeof variant in malloc · b4faea50
      Rich Salz 提交于
      For a local variable:
              TYPE *p;
      Allocations like this are "risky":
              p = OPENSSL_malloc(sizeof(TYPE));
      if the type of p changes, and the malloc call isn't updated, you
      could get memory corruption.  Instead do this:
              p = OPENSSL_malloc(sizeof(*p));
      Also fixed a few memset() calls that I noticed while doing this.
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      b4faea50
  14. 01 5月, 2015 2 次提交
  15. 29 4月, 2015 1 次提交
  16. 09 2月, 2015 1 次提交
  17. 22 1月, 2015 4 次提交
  18. 06 1月, 2015 2 次提交
  19. 31 12月, 2014 1 次提交
  20. 09 12月, 2014 2 次提交
  21. 08 12月, 2014 2 次提交
  22. 19 8月, 2014 1 次提交
  23. 14 7月, 2014 1 次提交
  24. 28 3月, 2014 1 次提交
  25. 12 3月, 2014 1 次提交
    • D
      Fix for CVE-2014-0076 · f9b6c0ba
      Dr. Stephen Henson 提交于
      Fix for the attack described in the paper "Recovering OpenSSL
      ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
      by Yuval Yarom and Naomi Benger. Details can be obtained from:
      http://eprint.iacr.org/2014/140
      
      Thanks to Yuval Yarom and Naomi Benger for discovering this
      flaw and to Yuval Yarom for supplying a fix.
      (cherry picked from commit 2198be3483259de374f91e57d247d0fc667aef29)
      
      Conflicts:
      
      	CHANGES
      f9b6c0ba
  26. 15 9月, 2011 1 次提交
  27. 28 1月, 2011 2 次提交
  28. 26 1月, 2011 1 次提交
  29. 29 12月, 2008 2 次提交
  30. 12 11月, 2008 1 次提交
  31. 01 11月, 2008 1 次提交