提交 · 9970308c88dda1e55a10c970b73ff64e8f678d8f · OpenHarmony / Third Party Openssl

06 2月, 2013 2 次提交

e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues. · 9970308c

由 Andy Polyakov 提交于 2月 02, 2013

Address CBC decrypt timing issues and reenable the AESNI+SHA1 stitch.
(cherry picked from commit 125093b59f3c2a2d33785b5563d929d0472f1721)

9970308c

Make CBC decoding constant time. · 2acc020b

由 Ben Laurie 提交于 1月 28, 2013

This patch makes the decoding of SSLv3 and TLS CBC records constant
time. Without this, a timing side-channel can be used to build a padding
oracle and mount Vaudenay's attack.

This patch also disables the stitched AESNI+SHA mode pending a similar
fix to that code.

In order to be easy to backport, this change is implemented in ssl/,
rather than as a generic AEAD mode. In the future this should be changed
around so that HMAC isn't in ssl/, but crypto/ as FIPS expects.
(cherry picked from commit e130841bccfc0bb9da254dc84e23bc6a1c78a64e)

2acc020b

10 10月, 2011 1 次提交
- D
  
  add GCM ciphers in SSL_library_init · eb47b2fb
  由 Dr. Stephen Henson 提交于 10月 10, 2011
  
  eb47b2fb
24 8月, 2011 1 次提交
- A
  
  Add RC4-MD5 and AESNI-SHA1 "stitched" implementations. · c608171d
  由 Andy Polyakov 提交于 8月 23, 2011
  
  c608171d
07 4月, 2010 1 次提交

Add SHA2 algorithms to SSL_library_init(). Although these aren't used · c0b8eb60

由 Dr. Stephen Henson 提交于 4月 07, 2010

directly by SSL/TLS SHA2 certificates are becoming more common and
applications that only call SSL_library_init() and not
OpenSSL_add_all_alrgorithms() will fail when verifying certificates.

Update docs.

c0b8eb60

20 1月, 2010 1 次提交

The use of NIDs in the password based encryption table can result in · 071ef65c

由 Dr. Stephen Henson 提交于 1月 19, 2010

algorithms not found when an application uses PKCS#12 and only calls
SSL_library_init() instead of OpenSSL_add_all_algorithms(). Simple
work around is to add the missing algorithm (40 bit RC2) in
SSL_library_init().

071ef65c

08 7月, 2009 1 次提交
- D
  Delete MD2 from algorithm tables as in 0.9.8-stable. However since this is · 4e9de7aa
  由 Dr. Stephen Henson 提交于 7月 08, 2009
```
a new branch we can also disable it by default.
```
  4e9de7aa
24 4月, 2007 1 次提交
- B
  Add SEED encryption algorithm. · 96afc1cf
  由 Bodo Möller 提交于 4月 23, 2007
```
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
```
  96afc1cf
09 6月, 2006 1 次提交
- B
  Camellia cipher, contributed by NTT · f3dea9a5
  由 Bodo Möller 提交于 6月 09, 2006
```
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
```
  f3dea9a5
22 8月, 2005 1 次提交
- N
  
  initialize cipher/digest methods table in SSL_library_init() and hence remove the need for a lock · 7f3c9036
  由 Nils Larsch 提交于 8月 21, 2005
  
  7f3c9036
06 10月, 2003 1 次提交
- R
  
  Add functionality to get information on compression methods (not quite complete). · 377dcdba
  由 Richard Levitte 提交于 10月 06, 2003
  
  377dcdba
09 8月, 2002 1 次提交

ECC ciphersuite support · ea262260

由 Bodo Möller 提交于 8月 09, 2002

Submitted by: Douglas Stebila <douglas.stebila@sun.com>
(Authors: Vipul Gupta and Sumit Gupta, Sun Microsystems Laboratories)

ea262260

20 2月, 2001 1 次提交

Use new-style system-id macros everywhere possible. I hope I haven't · bc36ee62

由 Richard Levitte 提交于 2月 20, 2001

missed any.

This compiles and runs on Linux, and external applications have no
problems with it.  The definite test will be to build this on VMS.

bc36ee62

08 2月, 2001 1 次提交

· deb2c1a1

由 Dr. Stephen Henson 提交于 2月 07, 2001

Fix AES code.

Update Rijndael source to v3.0

Add AES OIDs.

Change most references of Rijndael to AES.

Add new draft AES ciphersuites.

deb2c1a1

06 2月, 2001 1 次提交
- B
  
  Rijdael CBC mode and partial undebugged SSL support. · 259810e0
  由 Ben Laurie 提交于 2月 06, 2001
  
  259810e0
23 1月, 2001 1 次提交
- B
  For improved compatibility with 'strange' certificates, add some · 325ae88e
  由 Bodo Möller 提交于 1月 23, 2001
```
digest aliases (as found in OpenSSL_add_all_digests).
```
  325ae88e
08 6月, 1999 1 次提交
- B
  Don't mix real tabs with tabs expanded as 8 spaces -- that's · b1c4fe36
  由 Bodo Möller 提交于 6月 07, 1999
```
a pain to read when using 4-space tabs.
```
  b1c4fe36
27 4月, 1999 1 次提交
- U
  
  Message digest stuff. · d02f751c
  由 Ulf Möller 提交于 4月 27, 1999
  
  d02f751c
24 4月, 1999 1 次提交
- B
  Change #include filenames from <foo.h> to <openssl.h>. · ec577822
  由 Bodo Möller 提交于 4月 23, 1999
```
Submitted by:
Reviewed by:
PR:
```
  ec577822
20 4月, 1999 1 次提交
- U
  
  Change functions to ANSI C. · 6b691a5c
  由 Ulf Möller 提交于 4月 19, 1999
  
  6b691a5c
16 2月, 1999 1 次提交

Updates to the new SSL compression code · 413c4f45

由 Mark J. Cox 提交于 2月 16, 1999

     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]

Fix so that the version number in the master secret, when passed
     via RSA, checks that if TLS was proposed, but we roll back to SSLv3
     (because the server will not accept higher), that the version number
     is 0x03,0x01, not 0x03,0x00
     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]

Submitted by:
Reviewed by:
PR:

413c4f45

21 12月, 1998 3 次提交
- R
  
  Import of old SSLeay release: SSLeay 0.9.1b (unreleased) · dfeab068
  由 Ralf S. Engelschall 提交于 12月 21, 1998
  
  dfeab068
- R
  
  Import of old SSLeay release: SSLeay 0.9.0b · 58964a49
  由 Ralf S. Engelschall 提交于 12月 21, 1998
  
  58964a49
- R
  
  Import of old SSLeay release: SSLeay 0.8.1b · d02b48c6
  由 Ralf S. Engelschall 提交于 12月 21, 1998
  
  d02b48c6

OpenHarmony / Third Party Openssl 大约 1 年 前同步成功

OpenHarmony / Third Party Openssl
大约 1 年前同步成功