提交 · d2625fd65772ce3de2563e648decd2d1074fd873 · OpenHarmony / Third Party Openssl

18 3月, 2013 1 次提交

Use enc_flags when deciding protocol variations. · cbd64894

由 Dr. Stephen Henson 提交于 3月 13, 2013

Use the enc_flags field to determine whether we should use explicit IV,
signature algorithms or SHA256 default PRF instead of hard coding which
versions support each requirement.

cbd64894

22 2月, 2013 1 次提交
- B
  Fix ignored return value warnings. · 0850f118
  由 Ben Laurie 提交于 2月 21, 2013
```
Not sure why I am getting these now and not before.
```
  0850f118
12 2月, 2013 1 次提交

Check DTLS_BAD_VER for version number. · d980abb2

由 David Woodhouse 提交于 2月 12, 2013

The version check for DTLS1_VERSION was redundant as
DTLS1_VERSION > TLS1_1_VERSION, however we do need to
check for DTLS1_BAD_VER for compatibility.

PR:2984

d980abb2

09 2月, 2013 1 次提交
- A
  
  s3_cbc.c: make CBC_MAC_ROTATE_IN_PLACE universal. · f93a4187
  由 Andy Polyakov 提交于 2月 08, 2013
  
  f93a4187
08 2月, 2013 3 次提交
- A
  
  s3_cbc.c: get rid of expensive divisions. · c98a4545
  由 Andy Polyakov 提交于 2月 08, 2013
  
  c98a4545
- A
  
  s3_cbc.c: fix warning [in Windows build]. · 0e4f7045
  由 Andy Polyakov 提交于 2月 08, 2013
  
  0e4f7045
- A
  ssl/*: revert "remove SSL_RECORD->orig_len" and merge "fix IV". · dd7e60bd
  由 Andy Polyakov 提交于 2月 08, 2013
```
Revert is appropriate because binary compatibility is not an issue
in 1.1.
```
  dd7e60bd
07 2月, 2013 1 次提交

Fix for EXP-RC2-CBC-MD5 · 32620fe9

由 Adam Langley 提交于 2月 06, 2013

MD5 should use little endian order. Fortunately the only ciphersuite
affected is EXP-RC2-CBC-MD5 (TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5) which
is a rarely used export grade ciphersuite.
(cherry picked from commit f306b87d766e6ecf30824635c7c395b67cff9dbc)

32620fe9

06 2月, 2013 9 次提交

e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues. · 9970308c

由 Andy Polyakov 提交于 2月 02, 2013

Address CBC decrypt timing issues and reenable the AESNI+SHA1 stitch.
(cherry picked from commit 125093b59f3c2a2d33785b5563d929d0472f1721)

9970308c

ssl/*: remove SSL3_RECORD->orig_len to restore binary compatibility. · 2aec073a

由 Andy Polyakov 提交于 2月 01, 2013

Kludge alert. This is arranged by passing padding length in unused
bits of SSL3_RECORD->type, so that orig_len can be reconstructed.
(cherry picked from commit 8bfd4c659f180a6ce34f21c0e62956b362067fba)

2aec073a

D
Don't access EVP_MD_CTX internals directly. · b714a1fe
由 Dr. Stephen Henson 提交于 2月 01, 2013
```
(cherry picked from commit 04e45b52ee3be81121359cc1198fd01e38096e9f)
```
b714a1fe
A
s3/s3_cbc.c: allow for compilations with NO_SHA256|512. · bbb4ee85
由 Andy Polyakov 提交于 2月 01, 2013
```
(cherry picked from commit d5371324d978e4096bf99b9d0fe71b2cb65d9dc8)
```
bbb4ee85

ssl/s3_cbc.c: md_state alignment portability fix. · 4af91ec0

由 Andy Polyakov 提交于 2月 01, 2013

RISCs are picky and alignment granted by compiler for md_state can be
insufficient for SHA512.
(cherry picked from commit 36260233e7e3396feed884d3f501283e0453c04f)

4af91ec0

ssl/s3_cbc.c: uint64_t portability fix. · 6b2a8439

由 Andy Polyakov 提交于 2月 01, 2013

Break dependency on uint64_t. It's possible to declare bits as
unsigned int, because TLS packets are limited in size and 32-bit
value can't overflow.
(cherry picked from commit cab13fc8473856a43556d41d8dac5605f4ba1f91)

6b2a8439

typo. · 6b1f7bee

由 Dr. Stephen Henson 提交于 1月 31, 2013

(cherry picked from commit 34ab3c8c711ff79c2b768f0b17e4b2a78fd1df5d)

6b1f7bee

Timing fix mitigation for FIPS mode. · c4e6fb15

由 Dr. Stephen Henson 提交于 1月 29, 2013

We have to use EVP in FIPS mode so we can only partially mitigate
timing differences.

Make an extra call to EVP_DigestSignUpdate to hash additonal blocks
to cover any timing differences caused by removal of padding.
(cherry picked from commit b908e88ec15aa0a74805e3f2236fc4f83f2789c2)

c4e6fb15

B
Oops. Add missing file. · a693ead6
由 Ben Laurie 提交于 1月 28, 2013
```
(cherry picked from commit 014265eb02e26f35c8db58e2ccbf100b0b2f0072)
```
a693ead6

OpenHarmony / Third Party Openssl 大约 1 年 前同步成功

OpenHarmony / Third Party Openssl
大约 1 年前同步成功