[PATCH] Fix XMM register clobbering in crypto/aes/asm/aesni-x86_64:aesni_ecb_encrypt() under Win64

2014-10-14 Thread Mikhail Kupchik
This patch fixes clobbering of XMM6-XMM9 registers by the assembler implementation of aesni_ecb_encrypt(). Windows x86_64 ABI requires XMM6-XMM15 registers to be preserved by callee, unlike System V x86_64 ABI. --- a/crypto/aes/asm/aesni-x86_64.pl2014-09-25 22:02:56.0 +0300 +++

Re: CIPHER STRINGS

2014-10-14 Thread Hubert Kario
- Original Message - From: dE de.tec...@gmail.com To: openssl-dev@openssl.org Sent: Tuesday, 14 October, 2014 6:39:11 AM Subject: Re: CIPHER STRINGS On 10/13/14 17:09, Hubert Kario wrote: - Original Message - From: dE de.tec...@gmail.com To: openssl-dev@openssl.org

Vuln in SSL 3.0

2014-10-14 Thread Krzysztof Kwiatkowski
Hi, Any idea what this is about? Is it a threat for OpenSSL users: http://www.theregister.co.uk/2014/10/14/nasty_ssl_30_vulnerability_to_drop_tomorrow/ Regards, Kris

Re: CIPHER STRINGS

2014-10-14 Thread dE
On 10/14/14 16:47, Hubert Kario wrote: - Original Message - From: dE de.tec...@gmail.com To: openssl-dev@openssl.org Sent: Tuesday, 14 October, 2014 6:39:11 AM Subject: Re: CIPHER STRINGS On 10/13/14 17:09, Hubert Kario wrote: - Original Message - From: dE de.tec...@gmail.com

Re: Vuln in SSL 3.0

2014-10-14 Thread Dominyk Tiller
If there is a threat in SSLv3 it seems almost certain to affect OpenSSL. The upstream dev team not commenting on this is probably fairly standard protocol; I believe they don't comment on anything critical that could be exploited before patches are

RE: [openssl.org #3564]

2014-10-14 Thread Mangino, Nicholas @ CSG - CSE via RT
Have attempted another build using Win 32 option perl Configure VC-WIN32 no-asm no-hw ms\do_ms completes without error or warnings. Running nmake -f ms\ntdll.mak compiles all C code but generates the following error on linking rc /fotmp32dll\libeay32.res /d CRYPTO

Patch to mitigate CVE-2014-3566 (POODLE)

2014-10-14 Thread Bodo Moeller
Here's a patch for the OpenSSL 1.0.1 branch that adds support for TLS_FALLBACK_SCSV, which can be used to counter the POODLE attack (CVE-2014-3566; https://www.openssl.org/~bodo/ssl-poodle.pdf). Note well that this is not about a bug in OpenSSL -- it's a protocol issue. If SSL 3.0 is disabled in

Re: Patch to mitigate CVE-2014-3566 (POODLE)

2014-10-14 Thread mancha
On Wed, Oct 15, 2014 at 01:46:40AM +0200, Bodo Moeller wrote: Here's a patch for the OpenSSL 1.0.1 branch that adds support for TLS_FALLBACK_SCSV, which can be used to counter the POODLE attack (CVE-2014-3566; https://www.openssl.org/~bodo/ssl-poodle.pdf). Hi Bodo. Many thanks for the OOB