Revision 1bb01b1b5f27a7de33e7a67946b8c001b54e09e9 authored by Emilia Kasper on 05 September 2014, 12:47:33 UTC, committed by Emilia Kasper on 24 September 2014, 14:41:55 UTC
Do the final padding check in EVP_DecryptFinal_ex in constant time to avoid a timing leak from padding failure. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit b55ff319f880adc874b8c95957adf2003117d42b) Conflicts: crypto/evp/Makefile crypto/evp/evp_enc.c
1 parent 699d78c
testca
#!/bin/sh
SH="/bin/sh"
if test "$OSTYPE" = msdosdjgpp; then
PATH="../apps\;$PATH"
else
PATH="../apps:$PATH"
fi
export SH PATH
SSLEAY_CONFIG="-config CAss.cnf"
export SSLEAY_CONFIG
OPENSSL="`pwd`/../util/opensslwrap.sh"
export OPENSSL
/bin/rm -fr demoCA
$SH ../apps/CA.sh -newca <<EOF
EOF
if [ $? != 0 ]; then
exit 1;
fi
SSLEAY_CONFIG="-config Uss.cnf"
export SSLEAY_CONFIG
$SH ../apps/CA.sh -newreq
if [ $? != 0 ]; then
exit 1;
fi
SSLEAY_CONFIG="-config ../apps/openssl.cnf"
export SSLEAY_CONFIG
$SH ../apps/CA.sh -sign <<EOF
y
y
EOF
if [ $? != 0 ]; then
exit 1;
fi
$SH ../apps/CA.sh -verify newcert.pem
if [ $? != 0 ]; then
exit 1;
fi
/bin/rm -fr demoCA newcert.pem newreq.pem
#usage: CA -newcert|-newreq|-newca|-sign|-verify

Computing file changes ...