| #
f4601b6d |
| 30-Apr-2024 |
sapph2c |
Fixed typos in ossl_ht_new.pod, EVP_PKEY_decrypt.pod, and RSA_public_encrypt.pod
CLA: trivial
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.or
Fixed typos in ossl_ht_new.pod, EVP_PKEY_decrypt.pod, and RSA_public_encrypt.pod
CLA: trivial
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24304)
show more ...
|
| #
98161274 |
| 16-Apr-2024 |
Hubert Kario |
Be more explicit about RSAES-PKCS#1v1.5 error handling
And add a note how to perform side-channel free error stack handling.
Signed-off-by: Hubert Kario <hkario@redhat.com>
Be more explicit about RSAES-PKCS#1v1.5 error handling
And add a note how to perform side-channel free error stack handling.
Signed-off-by: Hubert Kario <hkario@redhat.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24159)
show more ...
|
| #
8548d3bf |
| 12-Dec-2022 |
Hubert Kario |
rsa: fix version of rsa implicit rejection introduction
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@o
rsa: fix version of rsa implicit rejection introduction
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19889)
show more ...
|
| #
7fc67e0a |
| 15-Mar-2022 |
Hubert Kario |
rsa: add implicit rejection in PKCS#1 v1.5
The RSA decryption as implemented before required very careful handling
of both the exit code returned by OpenSSL and the potentially returned
rsa: add implicit rejection in PKCS#1 v1.5
The RSA decryption as implemented before required very careful handling
of both the exit code returned by OpenSSL and the potentially returned
ciphertext. Looking at the recent security vulnerabilities
(CVE-2020-25659 and CVE-2020-25657) it is unlikely that most users of
OpenSSL do it correctly.
Given that correct code requires side channel secure programming in
application code, we can classify the existing RSA decryption methods
as CWE-676, which in turn likely causes CWE-208 and CWE-385 in
application code.
To prevent that, we can use a technique called "implicit rejection".
For that we generate a random message to be returned in case the
padding check fails. We generate the message based on static secret
data (the private exponent) and the provided ciphertext (so that the
attacker cannot determine that the returned value is randomly generated
instead of result of decryption and de-padding). We return it in case
any part of padding check fails.
The upshot of this approach is that then not only is the length of the
returned message useless as the Bleichenbacher oracle, so are the
actual bytes of the returned message. So application code doesn't have
to perform any operations on the returned message in side-channel free
way to remain secure against Bleichenbacher attacks.
Note: this patch implements a specific algorithm, shared with Mozilla
NSS, so that the attacker cannot use one library as an oracle against the
other in heterogeneous environments.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13817)
show more ...
|
| #
8f48a978 |
| 30-Nov-2022 |
Tomas Mraz |
Clarify the EVP_PKEY_decrypt manual page
Fixes #19790
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github
Clarify the EVP_PKEY_decrypt manual page
Fixes #19790
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19792)
show more ...
|
| #
ecb1ed1b |
| 05-May-2022 |
Dimitry Andric |
Correct padding mode flag name for EVP_PKEY_decrypt/encrypt() examples
The example code in EVP_PKEY_decrypt(3) and EVP_PKEY_encrypt(3) and uses
a nonexistent padding mode `RSA_OAEP_PADDI
Correct padding mode flag name for EVP_PKEY_decrypt/encrypt() examples
The example code in EVP_PKEY_decrypt(3) and EVP_PKEY_encrypt(3) and uses
a nonexistent padding mode `RSA_OAEP_PADDING`, which should be
`RSA_PKCS1_OAEP_PADDING` instead.
CLA: trivial
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18255)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14 |
|
| #
3c2bdd7d |
| 08-Apr-2021 |
Matt Caswell |
Update copyright year
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14801)
|
|
Revision tags: OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
| #
8ea34a6e |
| 02-Mar-2021 |
Pauli |
doc: document param argument to cipher init calls
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
|
| #
ee22fca5 |
| 03-Mar-2021 |
Pauli |
doc: update PKEY documentation to include the new init functions with params
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/1438
doc: update PKEY documentation to include the new init functions with params
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u, OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d |
|
| #
cda77422 |
| 15-Aug-2019 |
Rich Salz |
Use EXAMPLES not EXAMPLE for section title
And update find-doc-nits to complain if "=head1 EXAMPLE" is found.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Mat
Use EXAMPLES not EXAMPLE for section title
And update find-doc-nits to complain if "=head1 EXAMPLE" is found.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9602)
show more ...
|
|
Revision tags: OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b |
|
| #
fc5ecadd |
| 09-Dec-2018 |
Dr. Matthias St. Pierre |
man: harmonize the various formulations in the HISTORY sections
While stereotyped repetitions are frowned upon in literature, they
serve a useful purpose in manual pages, because it is e
man: harmonize the various formulations in the HISTORY sections
While stereotyped repetitions are frowned upon in literature, they
serve a useful purpose in manual pages, because it is easier for
the user to find certain information if it is always presented in
the same way. For that reason, this commit harmonizes the varying
formulations in the HISTORY section about which functions, flags,
etc. were added in which OpenSSL version.
It also attempts to make the pod files more grep friendly by
avoiding to insert line breaks between the symbol names and the
corresponding version number in which they were introduced
(wherever possible). Some punctuation and typographical errors
were fixed on the way.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7854)
show more ...
|
| #
4746f25a |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in doc/man3/
[skip ci]
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/78
Following the license change, modify the boilerplates in doc/man3/
[skip ci]
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7829)
show more ...
|
|
Revision tags: OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a, OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i, OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5, OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3, OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1 |
|
| #
48e5119a |
| 19-Jan-2018 |
Richard Levitte |
Copyright update of more files that have changed this year
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/5110)
|
| #
9db6673e |
| 18-Jan-2018 |
Jakub Jelen |
doc: Bad prototypes of EVP_PKEY_CTX_new()
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@o
doc: Bad prototypes of EVP_PKEY_CTX_new()
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4861)
show more ...
|
|
Revision tags: OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g, OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16, OpenSSL_1_1_0e, OpenSSL_1_0_2k, OpenSSL_1_1_0d |
|
| #
e9b77246 |
| 20-Jan-2017 |
Beat Bolli |
doc/man3: reformat the function prototypes in the synopses
I tried hard to keep the lines at 80 characters or less, but in a few
cases I had to punt and just indented the subsequent line
doc/man3: reformat the function prototypes in the synopses
I tried hard to keep the lines at 80 characters or less, but in a few
cases I had to punt and just indented the subsequent lines by 4 spaces.
A few well-placed typedefs for callback functions would really help, but
these would be part of the API, so that's probably for later.
I also took the liberty of inserting empty lines in overlong blocks to
provide some visual space.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1956)
show more ...
|
|
Revision tags: OpenSSL-fips-2_0_15 |
|
| #
2947af32 |
| 18-Nov-2016 |
Beat Bolli |
doc/man3: use the documented coding style in the example code
Adjust brace placement, whitespace after keywords, indentation and empty
lines after variable declarations according to
doc/man3: use the documented coding style in the example code
Adjust brace placement, whitespace after keywords, indentation and empty
lines after variable declarations according to
https://www.openssl.org/policies/codingstyle.html.
Indent literal sections by exactly one space.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1956)
show more ...
|
|
Revision tags: OpenSSL-fips-2_0_14, OpenSSL_1_1_0c |
|
| #
99d63d46 |
| 26-Oct-2016 |
Rich Salz |
Move manpages to man[1357] structure.
Move manpages to manX directories
Add Windows/VMS install fix from Richard Levitte
Update README
Fix typo's
Remove some duplicates
Move manpages to man[1357] structure.
Move manpages to manX directories
Add Windows/VMS install fix from Richard Levitte
Update README
Fix typo's
Remove some duplicates
Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
