Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OpenSSL 1.0.1k handling of DER signatures #106

Merged
merged 16 commits into from
Jan 12, 2015
Merged

OpenSSL 1.0.1k handling of DER signatures #106

merged 16 commits into from
Jan 12, 2015

Conversation

vertoe
Copy link

@vertoe vertoe commented Jan 12, 2015

Upstream discussion:

vertoe and others added 11 commits January 2, 2015 22:19
@vertoe
Version bump.
81a2f6c
@theuni @laanwj
consensus: guard against openssl's new strict DER checks
b8e81b7 
New versions of OpenSSL will reject non-canonical DER signatures. However,
it'll happily decode them. Decode then re-encode before verification in order
to ensure that it is properly consumed.

Github-Pull: dashpay#5634
Rebased-From: 488ed32
@laanwj
gitian: openssl-1.0.1i.tar.gz -> openssl-1.0.1k.tar.gz
f047dfa
@laanwj
fail immediately on an empty signature
60c51f1 
Github-Pull: dashpay#5634
Rebased-From: 8dccba6
@laanwj
doc: Update release process for openssl bump
65a1dda
@laanwj
gitian: bump revision for OSX qt
b8ac476 
Not necessary for windows or linux, as the intermedate build result
doesn't change.
However for OSX on 0.9 the builds for the intermediates are not
deterministic, so this cannot be assessed. Bump the dep version just in
case.
@vertoe
merge branch '0.9' of https://github.com/bitcoin/bitcoin into devel-0.9
928613c
@vertoe
Merge downstream v0.11.0.x
ebb7eab
@laanwj
Improve robustness of DER recoding code
037bfef 
Add some defensive programming on top of dashpay#5634.

This copies the respective OpenSSL code in ECDSA_verify in
OpenSSL pre-1.0.1k (e.g. https://github.com/openssl/openssl/blob/OpenSSL_1_0_1j/crypto/ecdsa/ecs_vrf.c#L89)
more closely.

As reported by @SergioDemianLerner.

Github-Pull: dashpay#5640
Rebased-From: c6b7b29
@laanwj
qt: Pull updated translations from Transifex
f6b7539
@laanwj
doc: Update release notes for 0.9.4
2f32a0b
@vertoe vertoe changed the title Openssl security fixes OpenSSL 1.0.1k handling of DER signatures Jan 12, 2015
@vertoe
Copy link
Author

vertoe commented Jan 12, 2015

heads up: this now includes upstream v0.9.4.
also includes now: bitcoin#5640

i updated docs and release notes accordingly. will post some details in the testing thread.

darkcoinproject added a commit that referenced this pull request Jan 12, 2015
@darkcoinproject
Merge pull request #106 from vertoe/devel-0.9
984c923 
OpenSSL 1.0.1k handling of DER signatures
@darkcoinproject darkcoinproject merged commit 984c923 into dashpay:v0.11.0.x Jan 12, 2015
@darkcoinproject
Copy link

Awesome, thanks

FornaxA pushed a commit to ioncoincore/ion that referenced this pull request Jul 6, 2020
@ioncoincore
Merge pull request dashpay#106 from cevap/accept-invalid-blocks-from-…
e4fd9ae 
…flag

AcceptBlock() invalid isBlockFromFork flag
kwvg pushed a commit to kwvg/dash that referenced this pull request Dec 21, 2022
@wjblanke
update lzc fix to relic PR (dashpay#106)
e4a8015
kwvg added a commit to kwvg/dash that referenced this pull request Dec 17, 2024
@kwvg
Squashed 'src/dashbls/' changes from 7e747e8a07..0bb5c5b032
efd5c56 
0bb5c5b032 Merge pull request dashpay#107 from kwvg/bump_1.3.5
3170e82074 Merge pull request dashpay#106 from UdjinM6/bench_chore
6091f5c056 chore: bump version to 1.3.5
90fd986fa5 chore: drop irrelevant PopSchemeMPL benchmark
ba391e681e bench: use BasicSchemeMPL instead of AugSchemeMPL
bcc6cf9cda bench: add benchmars for Serialize/SerializeToArray
cc649f38ee feat: serialize on the stack (dashpay#75)

git-subtree-dir: src/dashbls
git-subtree-split: 0bb5c5b03249c463debb5cef5f7e52ee66f3aaab
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@vertoe @darkcoinproject @theuni @laanwj