Tags: jakemas/aws-lc
Tags
Update AWS-LC version to 1.0.2 (aws#497) Update AWS-LC (FIPS) version to v1.0.2.
OpenSSL CVE-2022-0778 Fix possible infinite loop in BN_mod_sqrt() (aw… …s#423) OpenSSL CVE-2022-0778 Fix possible infinite loop in BN_mod_sqrt() This commit fixes the issue released as OpenSSL CVE-2022-0778 that affects AWS-LC as well. A bug in BN_mod_sqrt() can cause the function to enter an infinite loop. The issue is now fixed and two test cases are added to verify that the function returns a failure instead of hanging. Co-authored-by: Dusan Kostic <dkostic@amazon.com>
OpenSSL CVE-2022-0778 Fix possible infinite loop in BN_mod_sqrt() (aw… …s#424) OpenSSL CVE-2022-0778 Fix possible infinite loop in BN_mod_sqrt() This commit fixes the issue released as OpenSSL CVE-2022-0778 that affects AWS-LC as well. A bug in BN_mod_sqrt() can cause the function to enter an infinite loop. The issue is now fixed and two test cases are added to verify that the function returns a failure instead of hanging. Co-authored-by: Dusan Kostic <dkostic@amazon.com>
Adding a draft security policy for AWS-LC (aws#362) Putting a draft security policy into our FIPS branch. We will update this when we get the final draft after we submit.
Adding a draft security policy for AWS-LC (aws#362) Putting a draft security policy into our FIPS branch. We will update this when we get the final draft after we submit.
Replace RSA/ECDSA_Sign/Verify with EVP_DigestSign/Verify APIs in ACVP… … tests. (aws#264) * Replace RSA/ECDSA_Sign/Verify APIs with EVP_DigestSign/Verify APIs in ACVP tests * Fix memory leak. * Rename key to rsa. * Apply suggestions from code review Co-authored-by: torben-hansen <50673096+torben-hansen@users.noreply.github.com> Co-authored-by: torben-hansen <50673096+torben-hansen@users.noreply.github.com>
PreviousNext