openssl/ssl
basavesh b643a4df61 Fix leakage when the cacheline is 32-bytes in CBC_MAC_ROTATE_IN_PLACE
rotated_mac is a 64-byte aligned buffer of size 64 and rotate_offset is secret.
Consider a weaker leakage model (CL) where only the cacheline base address is leaked,
i.e. address/32 for a 32-byte cacheline (CL32).

Previous code used to perform two loads
    1. rotated_mac[rotate_offset ^ 32] and
    2. rotated_mac[rotate_offset++]
which would leak 2q + 1, 2q for 0 <= rotate_offset < 32
and 2q, 2q + 1 for 32 <= rotate_offset < 64

The proposed fix performs load operations which will always leak 2q, 2q + 1 and
selects the appropriate value in constant-time.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18033)

(cherry picked from commit 3b83638567)
2022-05-09 16:40:55 +02:00
record Fix leakage when the cacheline is 32-bytes in CBC_MAC_ROTATE_IN_PLACE 2022-05-09 16:40:55 +02:00
statem Update copyright year 2022-05-03 13:36:42 +01:00
bio_ssl.c Fix ssl_free() and thus BIO_free() to respect BIO_NOCLOSE 2021-10-04 10:59:06 +02:00
build.info Do not duplicate symbols between libcrypto and libssl in static builds 2021-06-14 09:21:05 +10:00
d1_lib.c Fix dtls timeout dead code 2021-07-29 10:08:07 -07:00
d1_msg.c
d1_srtp.c
ktls.c KTLS: use EVP_CIPHER_is_a instead of nid 2021-11-08 17:41:28 +08:00
methods.c
pqueue.c
s3_cbc.c fips module header inclusion fine-tunning 2021-07-06 10:52:27 +10:00
s3_enc.c tls: remove TODOs 2021-06-02 16:30:15 +10:00
s3_lib.c Add SSL_(CTX_)?get0_(verify|chain)_cert_store functions 2022-04-27 11:18:10 +02:00
s3_msg.c Update copyright year 2021-05-20 14:22:33 +01:00
ssl_asn1.c Make the -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION pass tests 2021-08-31 12:20:12 +02:00
ssl_cert.c Add SSL_(CTX_)?get0_(verify|chain)_cert_store functions 2022-04-27 11:18:10 +02:00
ssl_cert_table.h
ssl_ciph.c Don't include any TLSv1.3 ciphersuites that are disabled 2021-11-29 12:18:01 +10:00
ssl_conf.c Update copyright year 2022-05-03 13:36:42 +01:00
ssl_err.c err: rename err_load_xxx_strings_int functions 2021-05-26 13:01:47 +10:00
ssl_err_legacy.c Update copyright year 2021-06-17 13:24:59 +01:00
ssl_init.c Update copyright year 2021-06-17 13:24:59 +01:00
ssl_lib.c Fix Coverity 1498611 & 1498608: uninitialised read 2022-03-23 11:07:18 +11:00
ssl_local.h Add SSL_(CTX_)?get0_(verify|chain)_cert_store functions 2022-04-27 11:18:10 +02:00
ssl_mcnf.c
ssl_rsa.c ssl: coverity 1465527 - dereference after null check 2021-03-20 10:18:32 +10:00
ssl_rsa_legacy.c
ssl_sess.c Update copyright year 2022-03-15 13:52:58 +00:00
ssl_stat.c Update copyright year 2021-09-07 13:29:33 +02:00
ssl_txt.c Update copyright year 2022-05-03 13:36:42 +01:00
ssl_utst.c
sslerr.h err: rename err_load_xxx_strings_int functions 2021-05-26 13:01:47 +10:00
t1_enc.c Update copyright year 2022-03-15 13:52:58 +00:00
t1_lib.c Update copyright year 2022-03-15 13:52:58 +00:00
t1_trce.c Update copyright year 2021-02-18 15:05:17 +00:00
tls13_enc.c Fix indentation of tls13_hkdf_expand parameters 2021-09-03 08:56:07 +10:00
tls_depr.c Replace the AES-128-CBC-HMAC-SHA1 cipher in e_ossltest.c 2021-10-11 16:25:17 +02:00
tls_srp.c ssl: add zero strenght arguments to BN and RAND RNG calls 2021-05-29 17:17:12 +10:00