- 19 6月, 2018 8 次提交
-
-
由 Jack Lloyd 提交于
Use EVP_PKEY_set_alias_type to access Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6443)
-
由 Jack Lloyd 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6443)
-
由 Richard Levitte 提交于
... to the check OPENSSL_API_COMPAT < 0x10100000L, to correspond with how it's declared. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6470)
-
由 Richard Levitte 提交于
(that is, until 1.2.0 comes along) Since we allow future deprecation (and that shouldn't be affected by 'no-deprecated'), we need to distinguish what to have deprecated on the value of OPENSSL_API_COMPAT, not the existence of OPENSSL_NO_DEPRECATED. Note that the macro OPENSSL_NO_DEPRECATED still exists, in case someone still uses it. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6470)
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6499)
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6499)
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6499)
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6499)
-
- 18 6月, 2018 4 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6511)
-
由 David von Oheimb 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6217)
-
由 David von Oheimb 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6217)
-
由 David von Oheimb 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6217)
-
- 15 6月, 2018 6 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
Calling the functions rand_pool_add_{additional,nonce}_data() in crypto/rand/rand_lib.c with no implementation for djgpp/MSDOS causees unresolved symbols when linking with djgpp. Reported and fixed by Gisle Vanem Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6421)
-
由 Eric S. Raymond 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/6491)
-
由 David Cooper 提交于
This commit replaces the certificates in demos/bio with new certificates that don't expire until 2118. The same certificates appear in both demos/smime and demos/cms. This commit copies the new certificates and keys from demos/smime to demos/cms. This PR Fixes #6412 by updating cacert.pem and signer.pem in the openssl/demos/smime/ directory. It also updates all of the keys with longer key lengths. Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6483)
-
由 Andy Polyakov 提交于
848113a3 added mitigation for a side-channel attack. This commit extends approach to all code paths for consistency. [It also removes redundant white spaces introduced in last commit.] Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6480)
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6477)
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6477)
-
- 14 6月, 2018 1 次提交
-
-
由 Eric S. Raymond 提交于
CLA: trivial Reviewed-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> GH: #6472
-
- 13 6月, 2018 7 次提交
-
-
由 Matt Caswell 提交于
Keegan Ryan (NCC Group) has demonstrated a side channel attack on an ECDSA signature operation. During signing the signer calculates: s:= k^-1 * (m + r * priv_key) mod order The addition operation above provides a sufficient signal for a flush+reload attack to derive the private key given sufficient signature operations. As a mitigation (based on a suggestion from Keegan) we add blinding to the operation so that: s := k^-1 * blind^-1 (blind * m + blind * r * priv_key) mod order Since this attack is a localhost side channel only no CVE is assigned. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
[omit even -b:SRE, as it's implied by -G flag.] Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6453)
-
由 Andy Polyakov 提交于
Add aix-common template that covers even aix-shared from shared-info.pl, add -bsymbolic to shared_ldflags. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6453)
-
由 Andy Polyakov 提交于
This allows to specify flags specific to shared build, e.g. 'bin_lflags => shared("-Wl,-bsvr4")'. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6453)
-
由 Andy Polyakov 提交于
The flag was apparently omitted in switch from Makefile.shared to shared-info.pl. Do put it back! And in the process move all solaris-shared flags from shared-info.pl to solaris-common. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6446)
-
由 Richard Levitte 提交于
The man name didn't match the file name, and some places had 'password' instead of 'pass phrase'. Fixes #6474 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6476)
-
由 Viktor Dukhovni 提交于
and also X509_delete_ext() Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 12 6月, 2018 6 次提交
-
-
由 Nicola Tuveri 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6460)
-
由 Richard Levitte 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6461)
-
由 Richard Levitte 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6461)
-
由 Richard Levitte 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6461)
-
由 Richard Levitte 提交于
There was no option to give other config files than the default crypto/err/openssl.ec, and yet it tried to check the errors generated in engines (and failing, of course). Also added the same '-internal' option as util/mkerr.pl. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6461)
-
由 Guido Vranken 提交于
CVE-2018-0732 Signed-off-by: NGuido Vranken <guidovranken@gmail.com> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6457)
-
- 11 6月, 2018 7 次提交
-
-
由 Richard Levitte 提交于
The list of known libs are readily available in crypto/err/openssl.ec, so lets use it to figure out if all error function codes belong to known libs. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6455)
-
由 David von Oheimb 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6451)
-
由 Matt Caswell 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6370)
-
由 Matt Caswell 提交于
TLSv1.3 ignores the alert level, so we should suppress sending of warning only alerts. Fixes #6211 Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6370)
-
由 Matt Caswell 提交于
In TLSv1.3 we should ignore the severity level of an alert according to the spec. Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6370)
-
由 Richard Levitte 提交于
Fixes #6449 Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6450) (cherry picked from commit 9a236d5a7158d38b933656cacc31dfd4ff4fcc08)
-
由 Todd Short 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6430)
-
- 09 6月, 2018 1 次提交
-
-
由 Andy Polyakov 提交于
This module is used only with odd input lengths, i.e. not used in normal PKI cases, on contemporary processors. The problem was "illuminated" by fuzzing tests. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6440)
-