Ben Laurie
8aa02e97a7
Make sure a bad parameter to RSA_verify_PKCS1_PSS() doesn't lead to a crash.
...
(Coverity ID 135).
2008-12-29 13:35:08 +00:00
Andy Polyakov
a68c7b9171
bn_lib.c: [re-]fix Win64 compiler warning.
2008-12-29 12:44:33 +00:00
Andy Polyakov
5cabcf96e7
Fix "possible loss of data" Win64 compiler warnings.
2008-12-29 12:35:49 +00:00
Dr. Stephen Henson
2d1cbc85c8
Add standard .cvsignore file.
2008-12-29 00:27:06 +00:00
Andy Polyakov
e81695205e
x86_64-xlate.pl: support for binary constants, such as 0b1010101.
2008-12-27 14:00:37 +00:00
Andy Polyakov
fe150ac25d
Add modes/cts128.c, Ciphertext Stealing implementation.
2008-12-27 13:40:45 +00:00
Andy Polyakov
bec45a35bb
cmll-x86_64.pl: fix bug in cbc tail processing and comply with Win64 ABI spec.
2008-12-27 13:39:38 +00:00
Andy Polyakov
3b0ee0d2bf
Revisit RT#1801 and complete fix.
2008-12-27 13:32:21 +00:00
Ben Laurie
dde5b979d2
Remove dead code. (Coverity ID 2)
2008-12-27 02:36:24 +00:00
Ben Laurie
57a6ac7c4f
Check scalar->d before we use it (in BN_num_bits()). (Coverity ID 129)
2008-12-27 02:15:16 +00:00
Richard Levitte
4ded7b44a8
More synchronisation with Unix
2008-12-26 23:52:06 +00:00
Ben Laurie
1457619e13
Remove misleading dead code. Constify. (Coverity ID 142)
2008-12-26 17:17:21 +00:00
Ben Laurie
ccf529928f
!a && !a->b is clearly wrong! Changed to !a || !a->b (Coverity ID 145).
2008-12-26 15:32:59 +00:00
Ben Laurie
5ceb595dfa
pval must always be set when pk7_cb() does anything (Coverity ID 146).
2008-12-26 15:29:02 +00:00
Richard Levitte
44390fadc0
In BIO_write(), update the write statistics, not the read statistics.
...
PR: 1803
2008-12-25 22:24:17 +00:00
Richard Levitte
974d05a323
Further synchronisation with Unix
2008-12-25 22:04:42 +00:00
Andy Polyakov
0f76640fba
Windows-specific addenum to "engage crypto/modes" commit #17716 .
2008-12-23 15:15:44 +00:00
Andy Polyakov
a11974180f
Patch the omission from prvious commit #17716 .
2008-12-23 11:38:33 +00:00
Andy Polyakov
5d48a66a6a
Engage crypto/modes.
2008-12-23 11:33:01 +00:00
Andy Polyakov
63fc7f848d
crypto/modes: make modes.h selfsufficient and rename block_f to block128_t.
2008-12-23 11:18:45 +00:00
Andy Polyakov
830457ce4f
Optimize CAST for size on 64-bit platforms. For reference, CAST_LONG being
...
unsigned long must be attributed to 16-bit support. As we don't support
16-bit platoforms anymore, there is no reason to waste twice required
space on CAST S-boxes (16KB vs. 8KB) or key schedule.
2008-12-22 15:21:59 +00:00
Andy Polyakov
ea4d5005d9
cmll-x86_64.pl: Win64 SEH section to handle pushf/popf in CBC routine.
2008-12-22 14:15:11 +00:00
Andy Polyakov
9f03d0fc04
Optimize #undef DES_UNROLL for size.
2008-12-22 14:10:42 +00:00
Andy Polyakov
e527201f6b
This _WIN32-specific patch makes it possible to "wrap" OpenSSL in another
...
.DLL, in particular static build. The issue has been discussed in RT#1230
and later on openssl-dev, and mutually exclusive approaches were suggested.
This completes compromise solution suggested in RT#1230.
PR: 1230
2008-12-22 13:54:12 +00:00
Dr. Stephen Henson
70531c147c
Make no-engine work again.
2008-12-20 17:04:40 +00:00
Andy Polyakov
702e742515
cmll-x86_64.pl: bug fix and size optimization of Win64 SEH section.
2008-12-19 11:19:19 +00:00
Andy Polyakov
be01f79d3d
x86_64 assembler pack: add support for Win64 SEH.
2008-12-19 11:17:29 +00:00
Andy Polyakov
bf785c9849
x86_64-xlate.pl: fix masm hexadecimal constants.
2008-12-19 11:14:38 +00:00
Andy Polyakov
4db4882402
perlasm/x86* update: support for 3 and 4 argument instructions.
2008-12-17 19:56:48 +00:00
Andy Polyakov
6786f52ada
SEGV in AES_cbc_encrypt in aes-x86_64 assembler module.
...
PR: 1801
Submitted by: Huang Ying
2008-12-17 14:11:30 +00:00
Richard Levitte
2e6a7b3efc
Constify where needed
2008-12-16 13:41:49 +00:00
Richard Levitte
63461b8db1
Remove extraneous semicolons
2008-12-16 10:56:05 +00:00
Richard Levitte
e77228ba11
Stack changes made dso_vms.c not compile properly.
2008-12-16 10:55:26 +00:00
Richard Levitte
5c60b1637a
A few more symbols that are a little bit long for VMS
2008-12-16 10:54:53 +00:00
Richard Levitte
26397d2e8c
Synchronise VMS build system with the Unixly one
2008-12-16 10:54:28 +00:00
Andy Polyakov
85b2c0ce7f
128-bit block cipher modes consolidation. As consolidated functions
...
rely on indirect call to block functions, they are not as fast as
non-consolidated routines. However, performance loss(*) is within
measurement error and consolidation advantages are considered to
outweigh it.
(*) actually one can observe performance *improvement* on e.g.
CBC benchmarks thanks to optimization, which also becomes
shared among ciphers.
2008-12-16 08:39:21 +00:00
Andy Polyakov
f826bf7798
SEED to support OPENSSL_SMALL_FOOTPRINT: ~2x size decrease on x86.
2008-12-16 07:41:21 +00:00
Andy Polyakov
3ebbe8853f
Bring C bn_mul_mont template closer to assembler.
2008-12-16 07:28:38 +00:00
Ben Laurie
1f6e9bce21
Missing return values (Coverity ID 204).
2008-12-13 17:19:40 +00:00
Dr. Stephen Henson
9d44cd1642
Oops should check zero_pos >= 0.
2008-12-08 19:13:06 +00:00
Dr. Stephen Henson
1d4e879106
Handle case where v6stat.zero_pos == 0 correctly.
...
Reported by: Kurt Roeckx <kurt@roeckx.be>, Tobias Ginzler <ginzler@fgan.de> (Debian bug #506111 )
2008-12-07 23:58:44 +00:00
Andy Polyakov
ae381fef5c
Add Camellia assembler x86 and x86_64 modules.
2008-12-03 09:22:51 +00:00
Bodo Möller
7a76219774
Implement Configure option pattern "experimental-foo"
...
(specifically, "experimental-jpake").
2008-12-02 01:21:39 +00:00
Dr. Stephen Henson
e9afa08cd1
Update from stable branch.
2008-11-30 16:09:04 +00:00
Geoff Thorpe
bcaa36fd11
Fix compilation with -DOPENSSL_NO_DEPRECATED.
2008-11-28 22:06:55 +00:00
Dr. Stephen Henson
79bd20fd17
Update from stable-branch.
2008-11-24 17:27:08 +00:00
Dr. Stephen Henson
d0c3628834
Set memory BIOs up properly when stripping text headers from S/MIME messages.
2008-11-21 18:18:13 +00:00
Ben Laurie
f3b7bdadbc
Integrate J-PAKE and TLS-PSK. Increase PSK buffer size. Fix memory leaks.
2008-11-16 12:47:12 +00:00
Ben Laurie
ad7159ea84
Ignore generated ASM.
2008-11-16 12:32:14 +00:00
Andy Polyakov
93c4ba07d7
x86_64-xlate.pl update, engage x86_64 assembler in mingw64.
2008-11-14 16:40:37 +00:00
Ben Laurie
6c901ae8c1
Ignore saved Makefile.
2008-11-13 09:31:37 +00:00
Ben Laurie
90c65a9838
J-PAKE is not experimental in HEAD.
2008-11-13 09:31:08 +00:00
Dr. Stephen Henson
ed551cddf7
Update from stable branch.
2008-11-12 17:28:18 +00:00
Dr. Stephen Henson
5aca224ecd
Reinstate camellia header fix patch.
2008-11-12 17:02:40 +00:00
Andy Polyakov
1416aec60d
Update make rules for x86_64 assembler pack.
2008-11-12 08:19:04 +00:00
Andy Polyakov
aa8f38e49b
x86_64 assembler pack to comply with updated styling x86_64-xlate.pl rules.
2008-11-12 08:15:52 +00:00
Andy Polyakov
8525377265
x86_64-xlate.pl to support MacOS X and mingw64.
2008-11-12 08:05:58 +00:00
Andy Polyakov
2fbc8a2aad
Revert commit #17603 , it should have been part of #17617 .
2008-11-12 07:27:36 +00:00
Geoff Thorpe
6343829a39
Revert the size_t modifications from HEAD that had led to more
...
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
2008-11-12 03:58:08 +00:00
Dr. Stephen Henson
2401debe83
Tolerate -----BEGIN PKCS #7 SIGNED DATA----- header lines as used by some
...
implementations.
2008-11-11 12:38:25 +00:00
Dr. Stephen Henson
5c61111bff
Update from stable branch.
2008-11-11 12:23:18 +00:00
Bodo Möller
0a8c9f7de1
symbol deobnoxification
2008-11-11 07:08:59 +00:00
Dr. Stephen Henson
7b808412c9
Make -DKSSL_DEBUG work again.
2008-11-10 19:08:37 +00:00
Dr. Stephen Henson
0afc9f5bc0
PR: 1777
...
Submitted by: "Alon Bar-Lev" <alon.barlev@gmail.com>
Approved by: steve@openssl.org
Fix some size_t issues.
2008-11-05 23:14:32 +00:00
Dr. Stephen Henson
2e5975285e
Update obsolete email address...
2008-11-05 18:39:08 +00:00
Dr. Stephen Henson
5947ca0409
Don't use clobbered 'i' for checking UTCTime and GeneralizedTime length.
2008-11-05 18:28:24 +00:00
Ben Laurie
d40a1b865f
Only one of these needs to be signed.
2008-11-04 15:16:23 +00:00
Ben Laurie
f80921b6a6
Formatting.
2008-11-04 12:06:09 +00:00
Andy Polyakov
8fe8bae15a
Minor perlasm updates.
2008-11-03 08:46:07 +00:00
Dr. Stephen Henson
f2c0230518
Not sure about this one... seems to be needed to make 64 bit release
...
builds work properly...
2008-11-02 18:29:27 +00:00
Dr. Stephen Henson
e6e0c9018c
Fix prototypes.
2008-11-02 18:12:36 +00:00
Dr. Stephen Henson
9619b730b4
Use stddef.h to pick up size_t def.
2008-11-02 16:56:13 +00:00
Dr. Stephen Henson
2766515fca
Fix prototypes.
2008-11-02 16:13:19 +00:00
Dr. Stephen Henson
87d52468aa
Update HMAC functions to return an error where relevant.
2008-11-02 16:00:39 +00:00
Dr. Stephen Henson
70d71f6185
Fix warnings: printf format mismatches on 64 bit platforms.
...
Change assert to OPENSSL_assert().
Fix e_padlock prototype.
2008-11-02 15:41:30 +00:00
Ben Laurie
5ee92a5ec1
Fix asserts. Fix incorrect dependency.
2008-11-02 13:15:06 +00:00
Dr. Stephen Henson
c76fd290be
Fix warnings about mismatched prototypes, undefined size_t and value computed
...
not used.
2008-11-02 12:50:48 +00:00
Ben Laurie
d0a20cafa1
Fix warnings.
2008-11-02 09:22:29 +00:00
Ben Laurie
8da07655ee
Fix warning.
2008-11-02 09:00:25 +00:00
Andy Polyakov
befe1fbc29
Fix bss_log.c on Windows.
2008-11-01 21:09:54 +00:00
Ben Laurie
5e4430e70d
More size_tification.
2008-11-01 16:40:37 +00:00
Ben Laurie
4d6e1e4f29
size_tification.
2008-11-01 14:37:00 +00:00
Andy Polyakov
122396f2db
Fix SHA512 and optimize BN for mingw64.
2008-11-01 12:46:18 +00:00
Andy Polyakov
09a60c9833
Fix warnings after commit#17578.
2008-10-31 20:20:54 +00:00
Andy Polyakov
b444ac3e6f
size_t-fy EVP_CIPHER. Note that being size_t-fied it doesn't require
...
underlying cipher to be size_t-fied, it allows for size_t, signed and
unsigned long. It maintains source and even binary compatibility.
2008-10-31 19:48:25 +00:00
Andy Polyakov
f768be81d8
size_t-fy AES, Camellia and RC4.
2008-10-31 19:30:11 +00:00
Dr. Stephen Henson
91173829db
Add install target to crypto/jpake/Makefile
2008-10-31 12:06:25 +00:00
Andy Polyakov
e6b4578540
randfile.c: .rnd can become orphaned on VMS.
...
Submitted by: David North
2008-10-28 16:25:47 +00:00
Andy Polyakov
ea71ec1b11
ec2_mult.c readability update.
2008-10-28 13:53:51 +00:00
Andy Polyakov
f1455b3063
Minor clean-up in bn_lib.c: constification and optimization.
2008-10-28 13:52:51 +00:00
Andy Polyakov
b764f82c64
Fix crash in BN_rshift.
...
PR: 1663
2008-10-28 13:46:14 +00:00
Andy Polyakov
436bdcff4e
Harmonize Camellia API with version 1.x.
2008-10-28 12:13:52 +00:00
Andy Polyakov
27f864e8ac
Camellia update. Quoting camellia.c:
...
/*
* This release balances code size and performance. In particular key
* schedule setup is fully unrolled, because doing so *significantly*
* reduces amount of instructions per setup round and code increase is
* justifiable. In block functions on the other hand only inner loops
* are unrolled, as full unroll gives only nominal performance boost,
* while code size grows 4 or 7 times. Also, unlike previous versions
* this one "encourages" compiler to keep intermediate variables in
* registers, which should give better "all round" results, in other
* words reasonable performance even with not so modern compilers.
*/
2008-10-28 08:47:24 +00:00
Andy Polyakov
80aa9cc985
x86_64-xlate.pl update: refine SEH support.
2008-10-28 08:40:07 +00:00
Dr. Stephen Henson
ab7e09f59b
Win32 fixes... add new directory to build system. Fix warnings.
2008-10-27 12:31:13 +00:00
Dr. Stephen Henson
e9eda23ae6
Fix warnings and various issues.
...
C++ style comments.
Signed/unsigned warning in apps.c
Missing targets in jpake/Makefile
2008-10-27 12:02:52 +00:00
Ben Laurie
6caa4edd3e
Add JPAKE.
2008-10-26 18:40:52 +00:00
Dr. Stephen Henson
df0681e554
Add permanentIdentifier OID.
2008-10-22 18:48:11 +00:00
Dr. Stephen Henson
e19106f5fb
Create function of the form OBJ_bsearch_xxx() in bsearch typesafe macros
...
with the appropriate parameters which calls OBJ_bsearch(). A compiler will
typically inline this.
This avoids the need for cmp_xxx variables and fixes unchecked const issues
with CHECKED_PTR_OF()
2008-10-22 15:43:01 +00:00
Geoff Thorpe
ae7ec4c71d
Apparently '__top' is also risky, obfuscate further. (All this to
...
avoid inlines...)
2008-10-22 12:00:15 +00:00
Geoff Thorpe
3fdc6c11aa
Use of a 'top' var creates "shadow variable" warnings.
2008-10-22 01:25:45 +00:00
Dr. Stephen Henson
dcf6b3e9b6
Reinstate obj_xref.h as it is not auto generated on all platforms.
2008-10-20 15:12:48 +00:00
Dr. Stephen Henson
606f6c477a
Fix a shed load or warnings:
...
Duplicate const.
Use of ; outside function.
2008-10-20 15:12:00 +00:00
Ben Laurie
0d6f9c7181
Constification.
2008-10-19 22:51:27 +00:00
Dr. Stephen Henson
111a6e2a23
Fix multiple ; warning.
2008-10-18 15:02:59 +00:00
Ben Laurie
d764e7edb8
Fix warning a different way.
2008-10-18 12:12:34 +00:00
Andy Polyakov
aff8259510
Fix argument order in BN_nnmod call and implement rigorous boundary
...
condition check.
2008-10-16 07:54:41 +00:00
Andy Polyakov
256b3e9c5f
Optimize bn_correct_top.
2008-10-15 10:48:52 +00:00
Andy Polyakov
762a2e3cab
Remove redundant BN_ucmp, fix boundary condition in BN_nist_mod_224 and
...
reimplement BN_nist_mod_521.
2008-10-15 10:47:48 +00:00
Ben Laurie
28b6d5020e
Set comparison function in v3_add_canonize().
2008-10-14 19:27:07 +00:00
Dr. Stephen Henson
0f7efbc859
Ooops... remove code accidentally commited from FIPS version.
2008-10-14 15:44:14 +00:00
Dr. Stephen Henson
a7ae4abfd9
Add missing lock definitions...
2008-10-14 15:24:49 +00:00
Dr. Stephen Henson
30661b1b01
Add missing lock definitions.
2008-10-14 15:22:11 +00:00
Ben Laurie
1ea6472e60
Type-safe OBJ_bsearch_ex.
2008-10-14 08:10:52 +00:00
Ben Laurie
babb379849
Type-checked (and modern C compliant) OBJ_bsearch.
2008-10-12 14:32:47 +00:00
Dr. Stephen Henson
87d3a0cd90
Experimental new date handling routines. These fix issues with X509_time_adj()
...
and should avoid any OS date limitations such as the year 2038 bug.
2008-10-07 22:55:27 +00:00
Lutz Jänicke
1e369b375e
Fix incorrect command for assember file generation on IA64
...
Submitted by: Amadeu A. Barbosa Jr <amadeu@tecgraf.puc-rio.br>
2008-10-06 10:34:49 +00:00
Andy Polyakov
6bf24568bc
Fix EC_KEY_check_key.
2008-09-23 17:33:11 +00:00
Bodo Möller
1a489c9af1
From branch OpenSSL_0_9_8-stable: Allow soft-loading engines.
...
Also, fix CHANGES (consistency with stable branch).
2008-09-15 20:41:24 +00:00
Andy Polyakov
d7235a9d68
Fix yesterday typos in bss_dgram.c.
2008-09-15 05:43:04 +00:00
Geoff Thorpe
fa0f834c20
Fix build warnings.
2008-09-15 04:02:37 +00:00
Andy Polyakov
b9790c1cd4
Winsock handles SO_RCVTIMEO in unique manner...
...
PR: 1648
2008-09-14 19:22:52 +00:00
Bodo Möller
db99c52509
Really get rid of unsafe double-checked locking.
...
Also, "CHANGES" clean-ups.
2008-09-14 13:51:44 +00:00
Bodo Möller
f8d6be3f81
Some precautions to avoid potential security-relevant problems.
2008-09-14 13:42:34 +00:00
Andy Polyakov
492279f6f3
AIX build updates.
2008-09-12 14:45:54 +00:00
Ben Laurie
43048d13c8
Fix warning.
2008-09-07 13:22:34 +00:00
Dr. Stephen Henson
d43c4497ce
Initial support for delta CRLs. If "use deltas" flag is set attempt to find
...
a delta CRL in addition to a full CRL. Check and search delta in addition to
the base.
2008-09-01 15:15:16 +00:00
Dr. Stephen Henson
4b96839f06
Add support for CRLs partitioned by reason code.
...
Tidy CRL scoring system.
Add new CRL path validation error.
2008-08-29 11:37:21 +00:00
Dr. Stephen Henson
249a77f5fb
Add support for freshest CRL extension.
2008-08-27 15:52:05 +00:00
Dr. Stephen Henson
d0fff69dc9
Initial indirect CRL support.
2008-08-20 16:42:19 +00:00
Dr. Stephen Henson
8c9bd89338
Support for certificateIssuer CRL entry extension.
2008-08-18 16:48:47 +00:00
Bodo Möller
2e415778f2
Don't use assertions to check application-provided arguments;
...
and don't unnecessarily fail on input size 0.
2008-08-14 21:37:51 +00:00
Dr. Stephen Henson
9d84d4ed5e
Initial support for CRL path validation. This supports distinct certificate
...
and CRL signing keys.
2008-08-13 16:00:11 +00:00
Dr. Stephen Henson
2e0c7db950
Initial code to support distinct certificate and CRL signing keys where the
...
CRL issuer is not part of the main path.
Not complete yet and not compiled in because the CRL issuer certificate is
not validated.
2008-08-12 16:07:52 +00:00
Dr. Stephen Henson
002e66c0e8
Support for policy mappings extension.
...
Delete X509_POLICY_REF code.
Fix handling of invalid policy extensions to return the correct error.
Add command line option to inhibit policy mappings.
2008-08-12 10:32:56 +00:00
Dr. Stephen Henson
e9746e03ee
Initial support for name constraints certificate extension.
...
TODO: robustness checking on name forms.
2008-08-08 15:35:29 +00:00
Geoff Thorpe
4c3296960d
Remove the dual-callback scheme for numeric and pointer thread IDs,
...
deprecate the original (numeric-only) scheme, and replace with the
CRYPTO_THREADID object. This hides the platform-specifics and should reduce
the possibility for programming errors (where failing to explicitly check
both thread ID forms could create subtle, platform-specific bugs).
Thanks to Bodo, for invaluable review and feedback.
2008-08-06 15:54:15 +00:00
Andy Polyakov
96826bfc84
sha1-armv4-large cosmetics.
2008-08-06 08:58:45 +00:00
Andy Polyakov
eb1aa135d8
sha1-armv4-large.pl performance improvement. On PXA255 it gives +10% on
...
8KB block, +60% on 1KB, +160% on 256B...
2008-08-06 08:47:07 +00:00
Dr. Stephen Henson
6d6c47980e
Correctly handle errors in CMS I/O code.
2008-08-05 15:55:53 +00:00
Dr. Stephen Henson
3e727a3b37
Add support for nameRelativeToCRLIssuer field in distribution point name
...
fields.
2008-08-04 15:34:27 +00:00
Dr. Stephen Henson
a9ff742e42
Make explicit_policy handling match expected RFC3280 behaviour.
2008-08-02 11:16:35 +00:00
Dr. Stephen Henson
5cbd203302
Initial support for alternative CRL issuing certificates.
...
Allow inibit any policy flag to be set in apps.
2008-07-30 15:49:12 +00:00
Dr. Stephen Henson
592a207b94
Policy validation fixes.
...
Inhibit any policy count should ignore self issued certificates.
Require explicit policy is the number certificate before an explict policy
is required.
2008-07-30 15:41:42 +00:00
Andy Polyakov
b94551e823
perlasm update: implement dataseg directive.
2008-07-22 08:44:31 +00:00
Andy Polyakov
9b634c9b37
x86_64-xlate.pl: implement indirect jump/calls, support for Win64 SEH.
2008-07-22 08:42:06 +00:00
Bodo Möller
5b331ab77a
We should check the eight bytes starting at p[-9] for rollback attack
...
detection, or the probability for an erroneous RSA_R_SSLV3_ROLLBACK_ATTACK
will be larger than necessary.
PR: 1695
2008-07-17 22:11:53 +00:00
Andy Polyakov
dd6f479ea8
mem_dbg.c: avoid compiler warnings.
...
PR: 1693
Submitted by: Stefan Neis
2008-07-17 13:58:21 +00:00
Andy Polyakov
87facba376
Remove junk argument to function_begin in sha/asm/*-586.pl.
...
PR: 1681
2008-07-17 09:50:56 +00:00
Andy Polyakov
e4662fdb62
x86masm.pl: harmonize functions' alignment.
2008-07-17 09:46:09 +00:00
Bodo Möller
efa73a77e4
Make sure not to read beyond end of buffer
2008-07-16 18:10:27 +00:00
Andy Polyakov
89778b7f3f
x86_64cpuid.pl cosmetics: harmonize $dir treatment with other modules.
2008-07-15 19:52:20 +00:00
Andy Polyakov
c79c5a256b
des-596.pl update: short-circuit reference to DES_SPtrans.
2008-07-15 13:24:16 +00:00
Andy Polyakov
9960bdc6fa
x86masm.pl cosmetics.
2008-07-15 13:16:42 +00:00
Andy Polyakov
23dcb447ff
x86nasm.pl update: use pre-defined macros and allow for /safeseh link.
2008-07-15 12:50:44 +00:00
Dr. Stephen Henson
34d05a4023
Zero is a valid value for any_skip and map_skip
2008-07-13 22:38:18 +00:00
Dr. Stephen Henson
dcc0c29876
We support inhibit any policy extension, add to table.
2008-07-13 15:55:37 +00:00
Dr. Stephen Henson
db50661fce
X509 verification fixes.
...
Ignore self issued certificates when checking path length constraints.
Duplicate OIDs in policy tree in case they are allocated.
Use anyPolicy from certificate cache and not current tree level.
2008-07-13 14:25:36 +00:00
Dr. Stephen Henson
d4cdbab99b
Avoid warnings with -pedantic, specifically:
...
Conversion between void * and function pointer.
Value computed not used.
Signed/unsigned argument.
2008-07-04 23:12:52 +00:00
Geoff Thorpe
5f834ab123
Revert my earlier CRYPTO_THREADID commit, I will commit a reworked
...
version some time soon.
2008-07-03 19:59:25 +00:00
Dr. Stephen Henson
8528128b2a
Update from stable branch.
2008-06-26 23:27:31 +00:00
Bodo Möller
8228fd89fc
avoid potential infinite loop in final reduction round of BN_GF2m_mod_arr()
...
Submitted by: Huang Ying
Reviewed by: Douglas Stebila
2008-06-23 20:46:24 +00:00
Dr. Stephen Henson
6c2878344f
Fix from stable branch.
2008-06-21 23:28:55 +00:00
Dr. Stephen Henson
a01a351cc2
Update from stable branch.
2008-06-16 15:51:48 +00:00
Dr. Stephen Henson
6cb9fca70d
Fix memory leak. The canonical X509_NAME_ENTRY STACK is reallocated rather
...
than referencing existing X509_NAME_ENTRY structures so needs to be
completely freed.
2008-06-06 11:26:07 +00:00
Dr. Stephen Henson
985de86340
Remove old non-safestack code.
2008-06-04 14:34:39 +00:00
Dr. Stephen Henson
c07a126fb2
Make DSO WIN32 compile again.
2008-06-04 11:53:14 +00:00
Ben Laurie
5ce278a77b
More type-checking.
2008-06-04 11:01:43 +00:00
Dr. Stephen Henson
59d2d48f64
Add support for client cert engine setting in s_client app.
...
Add appropriate #ifdefs round client cert functions in headers.
2008-06-03 11:26:27 +00:00
Dr. Stephen Henson
55bef26d8a
#undef OCSP_RESPONSE: CryptoAPI uses this too.
2008-06-02 23:09:04 +00:00
Dr. Stephen Henson
3fc59c8406
Allow ENGINE client cert callback to specify a set of other certs, for
...
the rest of the certificate chain. Currently unused.
2008-06-01 22:45:08 +00:00
Dr. Stephen Henson
eafd6e5110
Update error codes, move typedef of SSL, SSL_CTX to ossl_typ.h
2008-06-01 21:18:47 +00:00
Dr. Stephen Henson
05935c47b2
Add support for ENGINE supplied SSL client auth.
2008-06-01 21:10:30 +00:00
Dr. Stephen Henson
a4792168ec
Update VC-32.pl and load CryptoAPI engine in the right place.
2008-05-31 23:21:40 +00:00
Dr. Stephen Henson
90b96776cd
More CryptoAPI engine code from stable branch.
2008-05-31 22:53:16 +00:00
Dr. Stephen Henson
ab3eafd5b5
Stop warning about extra ';' outside of function.
2008-05-31 19:17:25 +00:00
Dr. Stephen Henson
83574cf808
Fix from stable branch.
2008-05-30 10:57:49 +00:00
Dr. Stephen Henson
595852f3b5
Avoid "duplicate const" warnings.
2008-05-27 11:44:03 +00:00
Dr. Stephen Henson
0a56761f19
Avoid warning about empty structures and always define CHECKED_PTR_OF
2008-05-27 11:28:49 +00:00
Dr. Stephen Henson
220903f92e
C++ style comments fixed.
2008-05-26 15:39:36 +00:00
Ben Laurie
3c1d6bbc92
LHASH revamp. make depend.
2008-05-26 11:24:29 +00:00
Dr. Stephen Henson
64ddafc6b6
Update from stable branch.
2008-05-20 11:52:57 +00:00
Dr. Stephen Henson
781f0a9bb5
Fix from stable branch.
2008-05-20 11:30:27 +00:00
Lutz Jänicke
3de5a7745f
Correctly adjust location of comment
...
Submitted by: Ben Laurie <ben@links.org>
2008-05-20 08:10:48 +00:00
Dr. Stephen Henson
94fd382f8b
Fix two invalid memory reads in RSA OAEP mode.
...
Submitted by: Ivan Nestlerode <inestlerode@us.ibm.com>
Reviewed by: steve
2008-05-19 21:33:55 +00:00
Bodo Möller
4bd4afa34e
Change use of CRYPTO_THREADID so that we always use both the ulong and
...
ptr members.
(So if the id_callback is bogus, we still have &errno.)
2008-05-19 20:45:25 +00:00
Bodo Möller
148bb9515c
Disable code that clearly doesn't currently serve any useful purpose.
...
(Buggy line reported by Matthias Koenig.)
2008-05-19 19:44:45 +00:00
Lutz Jänicke
8b99c79fae
Another occurance of possible valgrind/purify "uninitialized memory"
...
complaint related to the PRNG: with PURIFY policy don't feed uninitialized
memory into the PRNG.
Submitted by: Bodo Moeller <bmoeller@openssl.org> :-)
2008-05-16 07:14:26 +00:00
Dr. Stephen Henson
e718520cc5
Add missing cast.
2008-05-09 23:16:24 +00:00
Andy Polyakov
4f46934269
Depict future Win64/x64 development.
2008-05-03 18:34:59 +00:00
Bodo Möller
fabe640f5e
Clarifying comment.
2008-05-02 18:47:48 +00:00
Dr. Stephen Henson
19048b5c8d
New function CMS_add1_crl().
2008-05-02 17:27:01 +00:00
Dr. Stephen Henson
156ee88285
Indicate support for digest init ctrl.
2008-05-02 11:24:40 +00:00
Bodo Möller
d05a474556
Montgomery-related minor cleanups/documentation
2008-05-01 18:48:20 +00:00
Geoff Thorpe
e7b097f558
Fix auto-discovery of ENGINEs. See the CHANGES entry for details (and/or
...
ticket #1668 ).
PR: 1668
Submitted by: Ian Lister
Reviewed by: Geoff Thorpe
2008-04-28 21:39:09 +00:00
Andy Polyakov
ba6f95e81b
Add 64-bit support to BN_nist_mod_244 and engage BN_nist_mod_* on 64-bit
...
platforms.
2008-04-24 10:04:26 +00:00
Andy Polyakov
281066cb03
Compensate inline assembler in sha512.c for gcc 2.7.2 compiler bug.
...
PR: 1667
2008-04-24 09:59:45 +00:00
Andy Polyakov
830b8877ba
Takanori Yanagisawa has shown how to correctly use pre-computed values.
...
So in a sense this commit reverts few latest ones fixing bugs in original
code and improving it, most notably adding 64-bit support [though not in
BN_nist_mod_224 yet].
PR: 1593
2008-04-23 08:10:25 +00:00
Andy Polyakov
9912ab6770
Resolve __DECC warning and keep disclaiming support for 16-bit platforms.
2008-04-18 15:47:30 +00:00
Andy Polyakov
299ab428ce
Fix remaining BN_nist_mod_*.
...
PR: 1593
2008-04-18 15:40:57 +00:00
Dr. Stephen Henson
e6ef05d5f3
Make certs argument work in CMS_sign() add test case.
...
PR:1664
2008-04-18 11:18:20 +00:00
Richard Levitte
e33c72dfc6
Synchronise with Unix.
2008-04-18 06:04:03 +00:00
Lutz Jänicke
4c1a6e004a
Apply mingw patches as supplied by Roumen Petrov an Alon Bar-Lev
...
PR: 1552
Submitted by: Roumen Petrov <openssl@roumenpetrov.info>, "Alon Bar-Lev" <alon.barlev@gmail.com>
2008-04-17 10:19:16 +00:00
Richard Levitte
6e6ada18c6
Further synchronisation with Unix build. I hadn't noticed pq_compat.h
...
was gone...
2008-04-12 08:41:05 +00:00
Richard Levitte
b35a131069
Provide other forms for symbols that are too long or that clash with others
2008-04-12 08:40:01 +00:00
Dr. Stephen Henson
852bd35065
Fix prototype for CMS_decrypt(), don't free up detached content.
2008-04-11 23:45:52 +00:00
Dr. Stephen Henson
a5db50d005
Revert argument swap change... oops CMS_uncompress() was consistent...
2008-04-11 23:23:18 +00:00
Dr. Stephen Henson
529d329ce1
Make CMS_uncompress() argument order consistent with other functions.
2008-04-11 17:34:13 +00:00
Dr. Stephen Henson
c02b6b6b21
Fix for compression and updated CMS_final().
2008-04-11 17:07:01 +00:00
Richard Levitte
fc003bcecb
Synchronise with Unix build
2008-04-11 01:53:16 +00:00
Dr. Stephen Henson
e0fbd07309
Add additional parameter to CMS_final() to handle detached content.
2008-04-10 11:22:14 +00:00
Dr. Stephen Henson
eaee098e1f
Ignore nonsensical flags for signed receipts.
2008-04-10 11:12:42 +00:00
Andy Polyakov
d4122504a2
Clarifying comment.
2008-04-09 12:06:42 +00:00
Andy Polyakov
2c4226c42b
Do BN_nist_mod_384 by the book, as cheating doesn't work. Other functions
...
will be revised too.
PR: 1593
2008-04-09 11:36:04 +00:00
Dr. Stephen Henson
853eae51e0
Implement CMS_NOCRL.
2008-04-07 11:00:44 +00:00
Dr. Stephen Henson
ff80280b01
Set contentType attribute just before signing to allow encapsulated content
...
type to be set at any time in applications.
2008-04-06 16:29:47 +00:00
Dr. Stephen Henson
e45641bd17
Fix typo and add header files to err library.
2008-04-06 15:53:29 +00:00
Dr. Stephen Henson
d5a37b0293
Give consistent return value and add error code for duplicate certificates.
2008-04-06 15:41:25 +00:00
Dr. Stephen Henson
6819050722
Delete nonexistant function from pkcs7.h header file. WIN32 build fix from
...
stable branch. Sync and update ordinals.
2008-04-04 00:06:43 +00:00
Dr. Stephen Henson
3247812e34
Since OID NIDs with 0.9.8.
2008-04-02 10:48:34 +00:00
Dr. Stephen Henson
a5cdb7d5bd
Avoid warnings.
2008-04-01 16:29:42 +00:00
Andy Polyakov
2819ffb520
Fix fast reduction on NIST curves (as well BN_NIST_ADD_ONE macro).
...
PR: 1593
2008-04-01 08:39:08 +00:00
Dr. Stephen Henson
964c7e8f6d
Fix it properly this time....
2008-03-31 18:21:30 +00:00
Dr. Stephen Henson
f6a45ac5ac
Fix macro.
2008-03-31 18:14:10 +00:00
Dr. Stephen Henson
2e86f0d8d7
Use correct headers for signed receipts. Use consistent naming.
...
Update cms-test.pl to support OpenSSL 0.9.8.
2008-03-31 15:03:55 +00:00
Dr. Stephen Henson
e2a29d49ca
Update dependencies.
2008-03-29 21:11:25 +00:00
Dr. Stephen Henson
b99674103d
Remove unnecessary header.
2008-03-29 21:08:37 +00:00
Dr. Stephen Henson
36309aa2be
Signed receipt generation code.
2008-03-28 19:43:16 +00:00
Dr. Stephen Henson
eb9d8d8cd4
Support for verification of signed receipts.
2008-03-28 13:15:39 +00:00
Geoff Thorpe
f7ccba3edf
There was a need to support thread ID types that couldn't be reliably cast
...
to 'unsigned long' (ie. odd platforms/compilers), so a pointer-typed
version was added but it required portable code to check *both* modes to
determine equality. This commit maintains the availability of both thread
ID types, but deprecates the type-specific accessor APIs that invoke the
callbacks - instead a single type-independent API is used. This simplifies
software that calls into this interface, and should also make it less
error-prone - as forgetting to call and compare *both* thread ID accessors
could have led to hard-to-debug/infrequent bugs (that might only affect
certain platforms or thread implementations). As the CHANGES note says,
there were corresponding deprecations and replacements in the
thread-related functions for BN_BLINDING and ERR too.
2008-03-28 02:49:43 +00:00
Dr. Stephen Henson
f5e2354c9d
Add support for signed receipt request printout and generation.
2008-03-26 17:40:22 +00:00
Dr. Stephen Henson
f4cc56f494
Signed Receipt Request utility functions and option on CMS utility to
...
print out receipt requests.
2008-03-26 13:10:21 +00:00
Dr. Stephen Henson
be86c7fc87
Add signed receipt ASN1 structures. Initial GENERAL_NAME utility functions.
2008-03-24 22:14:02 +00:00
Dr. Stephen Henson
ab568a17cf
Fix duplicate asn1 ctrl values.
2008-03-23 14:13:45 +00:00
Dr. Stephen Henson
fe591284be
Update dependencies.
2008-03-22 18:52:03 +00:00
Geoff Thorpe
5ffba305c8
Comment out a (currently) unused CMS function. (Sorry Steve, but I need
...
-Werror right now to help me code-by-domino :-)
2008-03-19 23:08:20 +00:00
Dr. Stephen Henson
054307e7ed
Allow alternate eContentType oids to be set in cms utility.
...
Add id-ct-asciiTextWithCRLF OID.
Give more meaninful error message is attempt to use key ID from a certificate
without a key ID.
2008-03-19 19:34:30 +00:00
Dr. Stephen Henson
8cd358bef8
Rebuild CMS error codes.
2008-03-19 18:42:02 +00:00
Dr. Stephen Henson
eeb9cdfc94
Add support for KEK decrypt in cms utility.
2008-03-19 18:39:51 +00:00
Dr. Stephen Henson
16fe5f8b50
Produce meaningful error if sanity check fails.
...
Delete trailing whitespace from objects.txt
Delete duplicate NIDs.
2008-03-19 17:01:12 +00:00
Dr. Stephen Henson
041e7f2eee
Additional sanity check.
2008-03-19 14:18:36 +00:00
Dr. Stephen Henson
ab12438030
Add support for KEKRecipientInfo in cms application.
2008-03-19 13:53:52 +00:00
Dr. Stephen Henson
f7e85c371e
Uninitialized variable bug fix.
2008-03-18 18:18:25 +00:00
Dr. Stephen Henson
e4f0e40eac
Various tidies/fixes:
...
Make streaming support in cms cleaner.
Note errors in various S/MIME functions if CMS_final() fails.
Add streaming support for enveloped data.
2008-03-18 13:45:43 +00:00
Dr. Stephen Henson
6e3bc4f073
More support for KEK RecipientInfo.
...
Generalise RecipientInfo and enveloped data handling so applications can
add their own key lookup routines as well as using the standard ones.
2008-03-18 01:00:38 +00:00
Dr. Stephen Henson
c36e936b60
Partial support for KEKRecipientInfo type.
2008-03-17 18:11:27 +00:00
Dr. Stephen Henson
761ffa729f
Preliminary support for enveloped data content type creation.
...
Fix signed data creation so versions are only corrected if structure is
being created.
2008-03-17 13:38:51 +00:00
Geoff Thorpe
1e26a8baed
Fix a variety of warnings generated by some elevated compiler-fascism,
...
OPENSSL_NO_DEPRECATED, etc. Steve, please double-check the CMS stuff...
2008-03-16 21:05:46 +00:00
Dr. Stephen Henson
7c337e00d2
Fix some warnings.
2008-03-16 20:59:10 +00:00
Dr. Stephen Henson
deb21fbae9
Remove deleted function from header file, update mkfiles.pl
2008-03-16 18:41:20 +00:00
Dr. Stephen Henson
a981e2adbc
Add support for random key generation: this will be needed by enveloped data.
2008-03-16 13:05:03 +00:00
Dr. Stephen Henson
4f1aa191b3
Initial support for enveloped data decrypt. Extent runex.pl to cover these
...
examples. All RFC4134 examples can not be processed.
2008-03-15 23:21:33 +00:00
Dr. Stephen Henson
e540d1cd77
Check for cipher BIO errors and set key length after parameter decode.
2008-03-15 13:37:32 +00:00
Dr. Stephen Henson
fd47c36136
Return error if no cipher set for encrypted data type.
...
Update CHANGES.
2008-03-15 00:02:23 +00:00
Dr. Stephen Henson
d9f5f07e28
Initial support for Encrypted Data type generation.
2008-03-14 23:30:56 +00:00
Dr. Stephen Henson
320bfc1be7
Reorganise encrypted content info code to avoid duplication and be more
...
consistent with other content types.
2008-03-14 19:37:56 +00:00
Dr. Stephen Henson
b820455c6e
Encrypted Data type processing. Add options to cms utility and run section 7
...
tests in RFC4134.
2008-03-14 13:21:48 +00:00
Dr. Stephen Henson
5c4436c977
New utility functions for encryptedData content type which will also be used
...
by envelopedData.
Use PRE and not POST when freeing up RecipientInfo.
2008-03-14 00:58:43 +00:00
Dr. Stephen Henson
a78a03744d
Only call free once in CHOICE type.
2008-03-14 00:57:01 +00:00
Dr. Stephen Henson
31d3c84422
.cvignore file for cms
2008-03-13 00:50:02 +00:00
Dr. Stephen Henson
afff52a3ba
Free up additional data in RecipientInfo structure
2008-03-13 00:48:59 +00:00
Dr. Stephen Henson
8931b30d84
And so it begins...
...
Initial support for CMS.
Add zlib compression BIO.
Add AES key wrap implementation.
Generalize S/MIME MIME code to support CMS and/or PKCS7.
2008-03-12 21:14:28 +00:00
Dr. Stephen Henson
3964038fe6
#undef X509_EXTENSIONS to avoid conflict with CryptoAPI.
2008-03-12 00:37:31 +00:00
Dr. Stephen Henson
b510d77535
We already have an object for "zlib compression" but it was a place
...
holder and its actual encoding never used.
Just as well because it's value looks like it was made up in the mists of
time...
Now there is a registered value for zlib compression (used in S/MIME
compressedData content type) use that instead.
2008-02-29 14:24:52 +00:00
Dr. Stephen Henson
56c7754cab
Avoid warnings.
2008-02-28 14:05:01 +00:00
Dr. Stephen Henson
a70a49a018
Fix typo and avoid warning.
2008-02-28 13:18:26 +00:00
Andy Polyakov
61b05a0025
Make x86_64-mont.pl work with debug Win64 build.
2008-02-27 20:09:28 +00:00
Bodo Möller
7c9882eb24
fix BIGNUM flag handling
2008-02-27 06:01:28 +00:00
Dr. Stephen Henson
a9e96d724d
Use default value for $dir if it is empty.
2008-02-25 13:14:06 +00:00
Andy Polyakov
a23e3dbee1
Support for NASM>=2 in Win64/x64 build.
2008-02-13 13:07:52 +00:00
Dr. Stephen Henson
400ca0e467
Add OIDs for compressedData content type and zlib compression.
2008-02-12 13:48:10 +00:00
Dr. Stephen Henson
9536b85c07
Typo.
2008-02-12 01:24:50 +00:00
Dr. Stephen Henson
4d318c79b2
Utility attribute function to retrieve attribute data from an expected
...
type. Useful for many attributes which are single valued and can only
have one type.
2008-02-11 17:52:38 +00:00
Dr. Stephen Henson
1ad90a916b
Extend attribute setting routines to support non-string types.
2008-02-11 13:59:33 +00:00
Andy Polyakov
8ab9025e31
Ad-hockery for Platform SDK ml64.
2008-02-11 13:04:39 +00:00
Dr. Stephen Henson
9e5df8e448
Support custom primitive type printing routines and add one to LONG type.
2008-02-08 13:07:04 +00:00
Andy Polyakov
96d13fe62b
Micro-profiling assisted "optimization" for Power6. Essentially it's so
...
to say educational commit. Reordering instructions doesn't improve
performance much, rather exhibits Power6 limitations.
2008-02-06 10:18:19 +00:00
Andy Polyakov
089458b096
ppc64-mont optimization.
2008-02-05 13:10:14 +00:00
Andy Polyakov
339ad7ce73
rc5/asm/rc5-586.pl was erroneously omitted from last perlasm unification.
2008-01-17 19:48:01 +00:00
Andy Polyakov
676517e08e
crypto/rc5/Makefile was erroneously omitted from last perlasm unification.
...
Also remove obsolete and now misleading comments.
2008-01-15 11:27:06 +00:00
Dr. Stephen Henson
52108cecc0
<strings.h> does not exist under WIN32.
2008-01-14 18:10:55 +00:00
Andy Polyakov
addd641f3a
Unify ppc assembler make rules.
2008-01-13 22:01:30 +00:00
Andy Polyakov
ca55d11f84
Allow to specify filename on sha1-ia64.pl command line.
2008-01-13 17:43:11 +00:00
Andy Polyakov
abe7f8b457
Make all x86_64 modules independent on current working directory.
2008-01-13 17:42:04 +00:00
Andy Polyakov
a078befcbe
rc4-x86_64 portability fix.
2008-01-12 11:29:45 +00:00
Ben Laurie
f12797a447
Missing headers.
2008-01-12 11:22:31 +00:00
Andy Polyakov
fa8e921f66
Unify x86 perlasm make rules.
2008-01-11 13:15:11 +00:00
Dr. Stephen Henson
4d1f3f7a6c
Update perl asm scripts include paths for perlasm.
2008-01-05 22:28:38 +00:00
Andy Polyakov
ab0ff06205
Make aes-x86_64 work with debug Win64 build.
2008-01-05 18:17:20 +00:00
Andy Polyakov
79eeb47031
Make AES_T[ed] private to aes-586 module.
2008-01-05 08:58:18 +00:00
Andy Polyakov
731339627f
Last dso_dlfcn.c check-in said "Use Dl_info only on systems where it is
...
known to exist. It does not exist on AIX 4.3.3, AIX 5.1, SCO 5, or Cygwin"
and disabled it on banch of systems it's known to exists, such as FreeBSD,
Solaris, 64-bit HP-UX, MacOS X. Get it straight.
2008-01-04 23:03:23 +00:00
Andy Polyakov
26e71a1850
x86gas.pl update.
2008-01-04 22:58:50 +00:00
Dr. Stephen Henson
eef0c1f34c
Netware support.
...
Submitted by: Guenter Knauf <eflash@gmx.net>
2008-01-03 22:43:04 +00:00
Andy Polyakov
3a87756fed
perlasm/x86*.pl updates.
2008-01-03 16:21:06 +00:00
Andy Polyakov
c8ec4a1b0b
Final (for this commit series) optimized version and with commentary section.
2007-12-29 20:30:09 +00:00
Andy Polyakov
699e1a3a82
This is also informational commit exposing loop modulo scheduling "factor."
2007-12-29 20:28:01 +00:00
Andy Polyakov
64214a2183
New Montgomery multiplication module, ppc64-mont.pl. Reference, non-optimized
...
implementation. This is essentially informational commit.
2007-12-29 20:26:46 +00:00
Andy Polyakov
0fcb905b0d
ppc-xlate.pl update.
2007-12-29 18:50:44 +00:00
Andy Polyakov
4be63cfb55
Source readability fix, which incidentally works around XLC compiler bug.
2007-12-29 18:32:34 +00:00
Andy Polyakov
ca64056836
Engage x86 assembler in Mac OS X build.
2007-12-18 17:33:49 +00:00
Andy Polyakov
df77428443
Mac OS X x86 assembler support.
2007-12-18 17:28:22 +00:00
Andy Polyakov
3e583572b3
Disable support for Metrowerks assembler. Assembler itself is broken,
...
specifically it incorrectly encodes EA offsets between 128 and 255.
2007-12-18 09:32:20 +00:00
Andy Polyakov
43d8f27dca
x86 perlasm overhaul.
2007-12-18 09:18:49 +00:00
Dr. Stephen Henson
b045299113
Avoid aliasing warning.
2007-12-16 13:57:44 +00:00
Dr. Stephen Henson
cec2538ca9
Submitted by: Victor B. Wagner <vitus@cryptocom.ru>, steve
...
Use default algorithms for OCSP request and response signing. New command
line option to support other digest use for OCSP certificate IDs.
2007-12-04 12:41:28 +00:00
Richard Levitte
28f7e60d47
Change submitted by Doug Kaufman. He writes:
...
I just compiled the 9.9-dev version from the 12022007 tarball under
DJGPP. There were only 2 changes needed, one for b_sock.c, since
DJGPP with WATT32 doesn't define socklen_t and one for testtsa to
handle DOS style path separators. I also noted what seems to be a
typographical error in ts.pod. The test suite passes. The patch is
attached.
Since I am in the US, I have sent notifications to the Bureau of
Industry and Security and to the NSA.
2007-12-03 09:02:29 +00:00
Andy Polyakov
544b82e493
Some assembler are allergic to lea reg,BYTE PTR[...].
...
Submitted by: Guenter Knauf
2007-12-02 21:32:03 +00:00
Andy Polyakov
8789af8db8
Structure symbol decorations, optimize label handling...
2007-11-24 16:03:57 +00:00
Dr. Stephen Henson
1ad6a1b5e9
Rebuild OID database: duplicates got in there somehow??
2007-11-23 00:34:00 +00:00
Dr. Stephen Henson
6e150083bb
Fix from stable branch.
2007-11-23 00:19:24 +00:00
Dr. Stephen Henson
98d8baabbd
Add caRepository OID and sync object NIDs with OpenSSL 0.9.8.
2007-11-23 00:14:59 +00:00
Andy Polyakov
c1d2e00ec5
Synchronize x86nasm.pl with x86unix.pl.
2007-11-22 21:21:35 +00:00
Andy Polyakov
ad8bd4ece8
Combat [bogus] relocations in some assember modules.
2007-11-22 20:51:48 +00:00
Dr. Stephen Henson
2f0550c4c1
Lookup public key ASN1 methods by string by iterating through all
...
implementations instead of all added ENGINEs to cover case where an
ENGINE is not added.
2007-11-21 17:25:58 +00:00
Dr. Stephen Henson
94e6ae7a69
Submitted by: "Victor B. Wagner" <vitus@cryptocom.ru>
...
Make {d2i,i2d}_PrivateKey() fall back to PKCS#8 format if no legacy format
supported. Add support in d2i_AutoPrivateKey().
2007-11-20 13:37:51 +00:00
Dr. Stephen Henson
f670738987
Rebuild object cross reference table.
2007-11-20 13:04:45 +00:00
Bodo Möller
4726fcfc25
Should reject signatures that we can't properly verify
...
and couldn't generate
(as pointed out by Ernst G Giessmann)
2007-11-19 07:25:55 +00:00
Bodo Möller
da989402f2
The hash length check wasn't strict enough,
...
as pointed out by Ernst G Giessmann
2007-11-16 13:01:14 +00:00
Andy Polyakov
70ba4ee5d5
Commit #16325 fixed one thing but broke DH with certain moduli.
2007-11-03 20:09:04 +00:00
Lutz Jänicke
86140095b5
Add OIDs by CMP (RFC 4210) and CRMF (RFC 4211)
...
Submitted by: Martin Peylo <martinmeis@googlemail.com>
2007-11-01 08:24:56 +00:00
Dr. Stephen Henson
0e1dba934f
1. Changes for s_client.c to make it return non-zero exit code in case
...
of handshake failure
2. Changes to x509_certificate_type function (crypto/x509/x509type.c) to
make it recognize GOST certificates as EVP_PKT_SIGN|EVP_PKT_EXCH
(required for s3_srvr to accept GOST client certificates).
3. Changes to EVP
- adding of function EVP_PKEY_CTX_get0_peerkey
- Make function EVP_PKEY_derive_set_peerkey work for context with
ENCRYPT operation, because we use peerkey field in the context to
pass non-ephemeral secret key to GOST encrypt operation.
- added EVP_PKEY_CTRL_SET_IV control command. It is really
GOST-specific, but it is used in SSL code, so it has to go
in some header file, available during libssl compilation
4. Fix to HMAC to avoid call of OPENSSL_cleanse on undefined data
5. Include des.h if KSSL_DEBUG is defined into some libssl files, to
make debugging output which depends on constants defined there, work
and other KSSL_DEBUG output fixes
6. Declaration of real GOST ciphersuites, two authentication methods
SSL_aGOST94 and SSL_aGOST2001 and one key exchange method SSL_kGOST
7. Implementation of these methods.
8. Support for sending unsolicited serverhello extension if GOST
ciphersuite is selected. It is require for interoperability with
CryptoPro CSP 3.0 and 3.6 and controlled by
SSL_OP_CRYPTOPRO_TLSEXT_BUG constant.
This constant is added to SSL_OP_ALL, because it does nothing, if
non-GOST ciphersuite is selected, and all implementation of GOST
include compatibility with CryptoPro.
9. Support for CertificateVerify message without length field. It is
another CryptoPro bug, but support is made unconditional, because it
does no harm for draft-conforming implementation.
10. In tls1_mac extra copy of stream mac context is no more done.
When I've written currently commited code I haven't read
EVP_DigestSignFinal manual carefully enough and haven't noticed that
it does an internal digest ctx copying.
This implementation was tested against
1. CryptoPro CSP 3.6 client and server
2. Cryptopro CSP 3.0 server
2007-10-26 12:06:36 +00:00
Andy Polyakov
ebc06fba67
Bunch of constifications.
2007-10-13 15:51:32 +00:00
Andy Polyakov
ae1552ee99
Addendum to commit #16654 .
2007-10-09 16:37:24 +00:00
Andy Polyakov
debf380122
size_t-fy crypto/buffer.
2007-10-09 15:52:07 +00:00
Ralf S. Engelschall
ddb038d349
ignore a few additionally generated files
2007-10-09 09:56:44 +00:00
Dr. Stephen Henson
fcd1cb666c
Fix from fips branch.
2007-10-05 16:53:31 +00:00
Andy Polyakov
0023adb47a
Switch to bn-s390x (it's faster on keys longer than 512 bits) and mention
...
s390x assembler pack in CHANAGES.
2007-10-01 07:38:32 +00:00
Andy Polyakov
7722e53f12
Yet another ARM update. It appears to be more appropriate to make
...
developers responsible for -march choice.
2007-09-27 16:27:03 +00:00
Andy Polyakov
4c7c5ff667
ARMv4 assembler pack.
2007-09-27 07:09:46 +00:00
Andy Polyakov
d7e915616d
10% performance tweak in 64-bit mode.
2007-09-27 06:19:25 +00:00
Dr. Stephen Henson
67c8e7f414
Support for certificate status TLS extension.
2007-09-26 21:56:59 +00:00
Andy Polyakov
74eb3e0914
Make sha512-armv4.pl byte-order neutral.
2007-09-26 12:17:33 +00:00
Andy Polyakov
79fe664f19
Clarify commentary in sha512-sparcv9.pl.
2007-09-26 12:16:32 +00:00
Lutz Jänicke
5f0477f47b
Typos
...
PR: 1578
Submitted by: Charles Longeau <chl@tuxfamily.org>
2007-09-24 11:22:58 +00:00
Lutz Jänicke
7bbce69721
Port from 0.9.8-stable
2007-09-24 11:01:18 +00:00
Ben Laurie
9311c4421a
Fix dependencies. Make depend.
2007-09-19 14:53:18 +00:00
Andy Polyakov
a005fb019f
Addenum to "Constify obj_dat.[ch]."
2007-09-18 22:15:31 +00:00
Andy Polyakov
b5e5760d01
Minor formatting fixes in crypto/sha/asm.
2007-09-18 21:12:02 +00:00
Andy Polyakov
cf2bc94e5c
Wire RC4 key_table to read-only segment.
2007-09-18 21:10:32 +00:00
Andy Polyakov
26f0cf69d3
Constify obj_dat.[ch], as well as minimize linker relocations.
2007-09-18 21:05:21 +00:00
Andy Polyakov
61836c1b70
Wire DES weak_keys to read-only segment.
2007-09-18 20:58:33 +00:00
Andy Polyakov
2a1b0c8d65
Eliminate redundant make rule.
2007-09-18 20:57:06 +00:00
Andy Polyakov
75a8e30f4f
Minimize stack utilization in probable_prime.
2007-09-18 20:52:05 +00:00
Andy Polyakov
716b87a026
Remove excessive whitespaces from bio.h
2007-09-18 20:48:39 +00:00
Bodo Möller
08b229e13f
Make sure that BN_from_montgomery keeps the BIGNUMS in proper format
2007-09-18 16:35:28 +00:00
Andy Polyakov
eff371c866
Remove pq_compat.h.
2007-09-16 19:29:35 +00:00
Andy Polyakov
8dc899dee4
Minor sha[256|512]-586 performance tweaks.
2007-09-16 18:47:24 +00:00
Andy Polyakov
cc3d7bd0fc
It's inappropraite to override application signal, nor is it appropriate
...
to shut down Winsock unless we know it won't be used [and we never do].
PR: 1439
2007-09-16 18:35:02 +00:00
Andy Polyakov
77519b51db
Make bn2dec work on "SIXTY_FOUR_BIT" platforms.
...
PR: 1456
2007-09-15 17:05:11 +00:00
Andy Polyakov
1a01868e35
Remove sha512-sse2.pl.
2007-09-15 13:45:17 +00:00
Andy Polyakov
563d3e5948
Engage new x86 assembler modules.
2007-09-14 21:06:14 +00:00
Dr. Stephen Henson
7c5921e736
Handle empty case in X509_NAME canonical encoding.
2007-09-14 18:11:17 +00:00
Andy Polyakov
399f94bfb4
Commentary updates.
2007-09-13 07:27:10 +00:00
Andy Polyakov
1fa29843fa
SHA512 for ARMv4.
2007-09-13 07:26:35 +00:00
Andy Polyakov
ee0449b17c
SHA256/512 for x86.
2007-09-13 07:26:19 +00:00
Dr. Stephen Henson
a6fbcb4220
Change safestack reimplementation to match 0.9.8.
...
Fix additional gcc 4.2 value not used warnings.
2007-09-07 13:25:15 +00:00
Andy Polyakov
a5804a750b
Add sha512_block implementation optimized for small register bank.
...
On x86 it gives same performance, while code size shrinks >10 times.
2007-09-07 12:34:45 +00:00
Dr. Stephen Henson
81025661a9
Update ssl code to support digests other than MD5+SHA1 in handshake.
...
Submitted by: Victor B. Wagner <vitus@cryptocom.ru>
2007-08-31 12:42:53 +00:00
Andy Polyakov
4ece7eb6f4
Constify seed and md2.
2007-08-31 10:12:35 +00:00
Andy Polyakov
1c56e95e28
Compress and more aggressively constify ec_curve.c [the latter is
...
achieved by minimizing link relocations].
2007-08-31 09:36:43 +00:00
Andy Polyakov
d8803d5ae6
aes_ige suffered SIGBUS on RISC platforms.
2007-08-29 21:30:13 +00:00
Andy Polyakov
0ddd3ea217
Make naming more consistent.
2007-08-28 21:02:38 +00:00
Andy Polyakov
6a8517f274
Make room for Camellia assembler.
2007-08-28 20:45:25 +00:00
Andy Polyakov
55eab3b74b
Make x86_64 modules work under Win64/x64.
2007-08-23 12:01:58 +00:00
Andy Polyakov
dc0fcb98df
Workaround MSVC6 compiler bug.
2007-08-23 11:59:53 +00:00
Dr. Stephen Henson
167066fed4
Fix for asm/no-asm on WIN32.
2007-08-13 02:24:26 +00:00
Dr. Stephen Henson
710069c19e
Fix warnings.
2007-08-12 17:44:32 +00:00
Andy Polyakov
9d35d08ab6
Typo in ppccpuid.pl.
2007-07-31 18:19:40 +00:00
Andy Polyakov
983180bb8b
Buglet fixes and minor optimization in aes-x86_86 assembler.
2007-07-30 16:42:57 +00:00
Andy Polyakov
cdb0392159
Make preprocessor logic more fail-safe.
2007-07-30 11:53:01 +00:00
Andy Polyakov
1891f5b395
As for inline vs. __inline. The original code implies that most compilers
...
understand inline, while WIN32 ones insist on __inline. Well, there are
other compilers that insist on __inline. At the same time it turned out
that most compilers understand both __inline and inline. I could find
only one that doesn't understand __inline, Sun C. In other words it seems
that __inline as preferred choice provides better coverage...
2007-07-30 11:42:08 +00:00
Andy Polyakov
a3963619f6
Make ppccpuid AIX friendly.
2007-07-30 08:47:32 +00:00
Andy Polyakov
34994068a4
Respect ISO aliasing rules.
...
PR: 1296
2007-07-27 20:34:10 +00:00
Andy Polyakov
afaad0ada6
AES for IA64 update.
2007-07-27 18:20:52 +00:00
Andy Polyakov
05f9cb3b77
ia64cpuid update.
2007-07-27 18:03:27 +00:00
Andy Polyakov
1988a456a7
x86 perlasm updates.
2007-07-25 12:38:11 +00:00
Andy Polyakov
a61710b868
Allow for option to skip hardware support.
2007-07-23 20:38:57 +00:00
Andy Polyakov
20f7563f3d
md32_common.h update.
2007-07-23 13:57:15 +00:00
Andy Polyakov
3df2eff4bd
x86*cpuid update.
2007-07-21 14:46:27 +00:00
Andy Polyakov
a415ebd026
Complete synchronization of aes-x86_64 with aes-586.
2007-07-21 14:20:46 +00:00
Andy Polyakov
52ee3d01ae
Lppc_AES_[en|de]crypt_compact: size optimization.
2007-07-19 15:31:22 +00:00
Andy Polyakov
e59f992be6
Minor optimization in AES_set_encryption_key for x86_64.
2007-07-19 14:59:26 +00:00
Andy Polyakov
8bae7722a2
_x86_64_AES_[en|de]crypt_compact: size optimization and aggressive
...
T[ed]4 prefetch.
2007-07-19 14:29:41 +00:00
Andy Polyakov
287a9ee76e
gas -g doesn't tolerate unpadded .bytes in code segment.
2007-07-13 21:35:56 +00:00
Andy Polyakov
96b0f6c16d
Various minor updates to AES assembler modules.
2007-07-13 17:42:13 +00:00
Andy Polyakov
e1612ea59d
Add _x86_64_AES_[en|de]crypt_compact.
2007-07-13 17:39:40 +00:00
Andy Polyakov
71f4ea44eb
EVP_*_cfb1 was broken.
...
PR: 1318
2007-07-08 19:14:02 +00:00
Andy Polyakov
35295bdbee
bn_mul_recursive doesn't handle all cases correctly, which results in
...
BN_mul failures at certain key-length mixes.
PR: 1427
2007-07-08 18:53:03 +00:00
Andy Polyakov
aa8d6f3e86
Typo in str_lib.c
...
PR: 1177
2007-07-07 20:11:12 +00:00
Andy Polyakov
62aa5dd415
Fix build problem on Tru64.
2007-06-29 13:11:45 +00:00
Andy Polyakov
673c55a2fe
Latest bn_mont.c modification broke ECDSA test. I've got math wrong, which
...
is fixed now.
2007-06-29 13:10:19 +00:00
Ben Laurie
949ce10e88
Fix warning.
2007-06-23 18:47:51 +00:00
Ben Laurie
8dee823e61
Inline function declarations have to be prototypes.
2007-06-23 18:40:16 +00:00
Andy Polyakov
5d86336746
Flush output in x86_64cpuid.pl.
2007-06-21 11:39:35 +00:00
Andy Polyakov
5b89f78a89
Typo in x86_64-mont.pl.
...
PR: 1549
2007-06-21 11:38:52 +00:00
Andy Polyakov
c943ca5404
Optimize OPENSSL_cleanse.
2007-06-20 17:36:39 +00:00
Andy Polyakov
1c7f8707fd
bn_asm for s390x.
2007-06-20 14:10:16 +00:00
Andy Polyakov
a21c46e70b
Typo in Linux part of sparcv9cap.c
...
PR: 1532
2007-06-20 13:02:34 +00:00
Andy Polyakov
f3c26535ad
Make some shortcuts in sparcv9cap.c. Trouble is that di_walk_node result
...
is inconsistent among CPU generations.
2007-06-20 13:00:59 +00:00
Andy Polyakov
2329694222
SPARC Solaris and Linux assemblers treat .align directive differently.
...
PR: 1547
2007-06-20 12:24:22 +00:00
Dr. Stephen Henson
9677bf0f30
Update .cvsignore
2007-06-18 12:40:24 +00:00
Andy Polyakov
7d9cf7c0bb
Eliminate conditional final subtraction in Montgomery assembler modules.
2007-06-17 17:10:03 +00:00
Andy Polyakov
55525742f4
Privatize BN_*_no_branch.
2007-06-11 16:33:03 +00:00
Andy Polyakov
c693b5a55c
Commentary updates and minor optimization for bn_mont.c.
2007-06-11 08:53:52 +00:00
Andy Polyakov
6b6443dead
Eliminate conditional final subtraction in Montgomery multiplication.
2007-06-10 19:34:38 +00:00
Dr. Stephen Henson
54b5fd537f
WIN32 fixes.
2007-06-08 00:26:16 +00:00
Dr. Stephen Henson
0b99d4f1d1
Remove unnecessary casts and avoid some warnings with gcc 4.2.
2007-06-07 16:07:57 +00:00
Dr. Stephen Henson
3c07d3a3d3
Finish gcc 4.2 changes.
2007-06-07 13:14:42 +00:00
Dr. Stephen Henson
1d1a64653c
Back out safestack.h change for now: seems to break some things.
2007-06-04 22:18:20 +00:00
Dr. Stephen Henson
297e6f1917
Avoid use of function pointer casts in pem library. Modify safestack to
...
always use inline functions.
2007-06-04 17:53:04 +00:00
Dr. Stephen Henson
18096abb29
Handle NULL parameter in some EVP utility functions.
2007-05-31 12:39:21 +00:00
Andy Polyakov
f20af72312
AES_set_[en|de]crypt_key for ARMv4.
2007-05-30 15:57:31 +00:00
Andy Polyakov
7ef643360d
s390x gas can't handle .align 128.
2007-05-28 16:32:50 +00:00
Andy Polyakov
76c828c627
AES_set_[en|de]crypt_key for s390x.
2007-05-28 16:30:18 +00:00
Dr. Stephen Henson
64a5c5d1be
Fix X509_REQ_print_ex() to process extension options.
2007-05-22 23:31:29 +00:00
Dr. Stephen Henson
7b8b797375
Revert broken change to ccgost.
...
Initialize context properly for HMAC pkey method.
2007-05-22 12:58:39 +00:00
Andy Polyakov
a1a382dbc9
SHA256 for ARMv4.
2007-05-22 09:56:45 +00:00
Bodo Möller
19f6c524bf
Fix crypto/ec/ec_mult.c to work properly with scalars of value 0
2007-05-22 09:47:43 +00:00
Andy Polyakov
e4317d2031
OPENSSL_IMPLEMENT_GLOBAL caused more grief than it's worth (it's used twice
...
in legacy code). I'd rather just remove it along with legacy interface,
but it's probably not as appropriate as I'd like. Reimplement the macro.
2007-05-20 20:11:19 +00:00
Andy Polyakov
86d8f3ee19
Typo in aes-ppc.pl.
2007-05-19 20:00:33 +00:00
Andy Polyakov
3005764c18
Typo in x509_txt.c.
...
Submitted by: Martin.Kraemer@Fujitsu-Siemens.com
2007-05-19 18:03:21 +00:00
Andy Polyakov
b1e8b4e65d
x86cpuid fixes.
...
PR: 1526
2007-05-19 17:52:51 +00:00
Andy Polyakov
c6149e2f02
ppc-xlate.pl update.
2007-05-19 17:32:06 +00:00
Andy Polyakov
aa5c99fa01
sparccpuid.s update.
2007-05-19 17:26:48 +00:00
Andy Polyakov
9c200f5471
Initial draft of AES for PPC.
2007-05-19 17:16:27 +00:00
Dr. Stephen Henson
a70c09e2a2
Add .cvsignore to seed dir.
2007-05-17 16:43:15 +00:00
Dr. Stephen Henson
e77dbf325f
Prepend signature name in dgst output.
2007-05-17 16:19:17 +00:00
Dr. Stephen Henson
4eba5d8c86
Fix error code name.
2007-05-16 00:14:32 +00:00
Dr. Stephen Henson
e69adea539
New function EVP_PKEY_asn1_copy(). Use default MD if type param is NULL.
2007-05-15 23:52:03 +00:00
Dr. Stephen Henson
9660cbcd6b
Change C++ style comments.
2007-05-15 23:50:55 +00:00
Andy Polyakov
9c9c83ccb9
Throw in ppccpuid module.
2007-05-15 20:51:48 +00:00
Andy Polyakov
1d42fb5f4a
Fix linking error after adding alphacpuid.s.
2007-05-15 07:11:23 +00:00
Andy Polyakov
e119769480
Add alphacpuid.s
2007-05-15 06:36:17 +00:00
Andy Polyakov
b2dba9bf1f
Profiling revealed that OPENSSL_cleanse consumes *more* CPU time than
...
sha1_block_data_order when hashing short messages. Move OPENSSL_cleanse
to "cpuid" assembler module and gain 2x.
2007-05-14 21:35:25 +00:00
Andy Polyakov
932cc129ee
x86_64 assembler updates.
2007-05-14 15:57:19 +00:00
Andy Polyakov
1a42839ba7
As all assembler modules are alignment neutral, allow C to pass unaligned
...
content.
2007-05-13 15:16:44 +00:00
Andy Polyakov
232a938c75
Make sha*-ia64 modules alignment neutral.
2007-05-13 15:15:24 +00:00
Ben Laurie
69ab085290
More IGE speedup.
2007-05-13 15:14:38 +00:00
Ben Laurie
5f09d0ecc2
AES IGE mode speedup.
2007-05-13 12:57:59 +00:00
Dr. Stephen Henson
6217896145
Improve error detection when streaming S/MIME.
...
Only use streaming when appropriate for detached data in smime utility.
2007-05-10 17:37:15 +00:00
Dr. Stephen Henson
ee7ca0941a
Tidy up docs, remove warning.
2007-05-10 17:35:37 +00:00
Dr. Stephen Henson
f8492ffeaa
More useful ASN1 macros for static allocation functions.
2007-05-10 17:34:42 +00:00
Andy Polyakov
308595638a
Mention Core2 in sha1-x86_64.
2007-05-10 07:34:50 +00:00
Andy Polyakov
0bd8d6e2e1
Commentary updates to SHA for sparcv9.
2007-05-10 06:48:28 +00:00
Andy Polyakov
ae0d6e3e36
Engage SHA for sparcv9.
2007-05-04 12:54:02 +00:00
Andy Polyakov
6fa8a01c72
SHA for sparcv9.
2007-05-04 12:52:54 +00:00
Andy Polyakov
3f6916cf29
Fix bug introduced in cn#16195.
2007-05-03 09:12:47 +00:00
Andy Polyakov
a4470ae7b2
Fine reading of manual suggests that km can return non-normal completion code.
2007-05-03 07:26:27 +00:00
Andy Polyakov
251718e4c1
Fix s390x bugs and correct performance coefficients.
2007-05-02 11:44:02 +00:00
Richard Levitte
c504a5e783
Synchronise VMS with Unix.
2007-05-01 12:25:15 +00:00
Andy Polyakov
f6fb2c95ef
Revert irrelevant changes from commit #16191 .
2007-04-30 17:22:09 +00:00
Andy Polyakov
708311267a
rll does not seem to be available on legacy s390.
2007-04-30 17:19:12 +00:00
Andy Polyakov
cdd1d7a618
Typo in commit #16187 .
2007-04-30 15:55:00 +00:00
Andy Polyakov
b38c0add30
s390x optimizations.
2007-04-30 13:26:06 +00:00
Andy Polyakov
b900df5258
Engage s390x assembler modules.
2007-04-30 09:22:27 +00:00
Andy Polyakov
a2a54ffc5f
s390x assembler pack.
2007-04-30 08:42:54 +00:00
Andy Polyakov
20c04a13e6
Reimplement rc4-586.pl, relicense rc4-x86_64.pl.
2007-04-26 20:48:38 +00:00
Bodo Möller
a291745eeb
fix function codes for error
2007-04-24 01:06:19 +00:00
Bodo Möller
0862caf27e
remove leftover from editing ...
2007-04-24 00:47:53 +00:00
Bodo Möller
96afc1cfd5
Add SEED encryption algorithm.
...
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
2007-04-23 23:48:59 +00:00
Bodo Möller
24a8c25ab5
fix error codes
2007-04-19 15:14:21 +00:00
Bodo Möller
d1e7d1d96c
don't violate the bn_check_top assertion in BN_mod_inverse_no_branch()
2007-04-19 14:45:57 +00:00
Dr. Stephen Henson
18f547734e
New function ASN1_STRING_copy() to copy to an already
...
alloacted ASN1_STRING structure.
2007-04-14 17:53:55 +00:00
Dr. Stephen Henson
14ab6cdd69
Flush b64 BIO.
2007-04-13 18:00:45 +00:00
Dr. Stephen Henson
eeec060df0
Don't finalize signerinfo if reuse and partial both set.
2007-04-13 16:41:52 +00:00
Dr. Stephen Henson
9cfc8a9d5c
Update smime utility to support streaming for -encrypt and -sign -nodetach
...
options. Add new streaming i2d (though strictly speaking it is BER format
when streaming) and PEM functions.
These all process content on the fly without storing it all in memory.
2007-04-13 01:06:41 +00:00
Dr. Stephen Henson
18327cd0e4
Copy update callback across when copying EVP_MD_CTX.
...
Remove unnecessary reference to EVP_MD_CTX in HMAC pkey method.
2007-04-12 13:02:31 +00:00
Dr. Stephen Henson
2022cfe07e
New -mac and -macopt options to dgst utility. Reimplement -hmac option in
...
terms of new API.
2007-04-11 17:20:40 +00:00
Dr. Stephen Henson
74633553a9
Experimental HMAC support via EVP_PKEY_METHOD.
2007-04-11 12:33:06 +00:00
Dr. Stephen Henson
376bf1d4aa
Constification.
2007-04-11 12:26:53 +00:00
Dr. Stephen Henson
d318fb79d2
Don't ignore config_name parameter passed to OPENSSL_config(). Use
...
"openssl_conf" in config file if config_name variable is missing.
2007-04-09 11:45:54 +00:00
Dr. Stephen Henson
0cc361f3e7
Fix from stable branch.
2007-04-08 17:45:47 +00:00
Dr. Stephen Henson
baecb96e8a
Fix digest signing so digest type is set after init.
2007-04-08 16:53:50 +00:00
Dr. Stephen Henson
6181f5e404
Preliminary support for signctx/verifyctx callbacks.
2007-04-08 13:03:26 +00:00
Ben Laurie
48bd505c0b
If you're going to check for negative, use an signed integer! Coverity ID 122.
2007-04-05 17:31:29 +00:00
Ben Laurie
ab2d91bd6b
Don't copy from a nonexistent next. Coverity ID 47.
2007-04-05 17:23:51 +00:00
Ben Laurie
3b2eead381
Fix duplicate error number.
2007-04-05 17:09:43 +00:00
Ben Laurie
8bbf6ac010
Don't dereference NULL argument. Coverity ID 52.
2007-04-05 16:58:39 +00:00
Ben Laurie
f6301f6888
Avoid overrun. Coverity ID 60.
2007-04-05 15:45:58 +00:00
Nils Larsch
907e99623c
check return value of ASN1_item_i2d(), Coverity ID 55
2007-04-04 19:41:20 +00:00
Ben Laurie
4f1a0b2c21
Handle bad content type. Coverity ID 99.
2007-04-04 15:31:17 +00:00
Ben Laurie
260c497cdd
Fix buffer overrun. Coverity ID 106.
2007-04-04 15:13:31 +00:00
Ben Laurie
2ff7a0edef
Make sure we detect corruption.
2007-04-04 13:21:15 +00:00
Nils Larsch
442cbb062d
check correct pointer before freeing it (Coverity CID 79,86)
2007-04-02 20:29:40 +00:00
Nils Larsch
c971ca4c86
check if pointer is != NULL before dereferencing it (Coverity CID 40)
2007-04-02 20:02:27 +00:00
Andy Polyakov
9babf3929b
RC4_set_key for x86_64 and Core2 optimization.
...
PR: 1447
2007-04-02 09:50:14 +00:00
Ben Laurie
2ec0be9e77
Don't die if the value is NULL (Coverity CID 98).
2007-04-01 18:00:52 +00:00
Ben Laurie
c2d1c2d319
Fix warning.
2007-04-01 17:56:25 +00:00
Andy Polyakov
162f677def
Update x86cpuid.pl to correctly detect shared cache and to support new
...
RC4_set_key.
2007-04-01 17:28:08 +00:00
Andy Polyakov
2875462425
Reserve for assembler implementation of RC4_set_key and implement x86 one.
2007-04-01 17:01:12 +00:00
Bodo Möller
b002265ee3
make BN_FLG_CONSTTIME semantics more fool-proof
2007-03-28 18:41:23 +00:00
Bodo Möller
bd31fb2145
Change to mitigate branch prediction attacks
...
Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
2007-03-28 00:15:28 +00:00
Dr. Stephen Henson
9981a51e42
Stage 1 GOST ciphersuite support.
...
Submitted by: ran@cryptocom.ru
Reviewed by: steve@openssl.org
2007-03-23 17:04:05 +00:00
Richard Levitte
ebb326afe6
Synchronise the VMS build with recent movements in the Unix build.
2007-03-23 09:36:33 +00:00
Andy Polyakov
8f41e4fa4d
link warnings caused by nasm modules.
2007-03-20 09:37:06 +00:00
Andy Polyakov
de50494505
Two extra instructions in RC4 character loop give 80% performance
...
improvement on Core2. I still need to detect Core2 and choose this
path...
2007-03-20 09:13:07 +00:00
Andy Polyakov
8b71d35458
nasm fixes.
2007-03-20 08:55:58 +00:00
Andy Polyakov
760e353528
sparcv9a-mont was modified to handle 32-bit aligned input, but check
...
for 64-bit alignment was not removed.
2007-03-20 08:54:51 +00:00
Dr. Stephen Henson
3627fedbea
Win32 fixes. Add GOST algorithm to mkdef, update ordinals. Signed/unsigned fixes.
2007-03-16 22:20:55 +00:00
Dr. Stephen Henson
bbb5cf05db
Fix from stable branch.
2007-03-05 00:09:08 +00:00
Nils Larsch
ebb01b84b8
size_t -> int
2007-03-02 19:56:29 +00:00
Nils Larsch
a0d48e7e7e
remove unused file
2007-03-02 19:42:16 +00:00
Lutz Jänicke
1fcfa22222
Initialize "buf" to 0 to make valgrind happy :-)
...
Note: the RAND_bytes() manual page says:
RAND_bytes() puts num cryptographically strong pseudo-random bytes into buf.
It does not talk about using the previous contents of buf so we are working
as documented.
2007-03-02 17:54:51 +00:00
Lutz Jänicke
c9fb4e2c8d
Do not use uninitialized memory to seed the PRNG as it may confuse
...
code checking tools.
PR: 1499
2007-03-02 17:46:25 +00:00
Dr. Stephen Henson
6e7ca5e1eb
Update from stable branch.
2007-02-27 18:43:42 +00:00
Nils Larsch
0d5ac5a738
allow EVP_PKEY_CTX_free(NULL)
2007-02-26 18:32:53 +00:00
Nils Larsch
c209a35820
remove dead code
2007-02-26 18:21:19 +00:00
Lutz Jänicke
0636c39bb1
Fix incorrect handling of special characters
...
PR: 1459
Submitted by: tnitschke@innominate.com
Reviewed by: steve@openssl.org
2007-02-21 17:44:53 +00:00
Dr. Stephen Henson
a2e623c011
Update from 0.9.7-stable.
2007-02-21 13:49:35 +00:00
Dr. Stephen Henson
5d5ca32fa1
Updates from 0.9.8-stable branch.
2007-02-18 18:21:57 +00:00
Bodo Möller
52b8dad8ec
Reorganize the data used for SSL ciphersuite pattern matching.
...
This change resolves a number of problems and obviates multiple kludges.
A new feature is that you can now say "AES256" or "AES128" (not just
"AES", which enables both).
In some cases the ciphersuite list generated from a given string is
affected by this change. I hope this is just in those cases where the
previous behaviour did not make sense.
2007-02-17 06:45:38 +00:00
Nils Larsch
30e5e8aca5
- use OPENSSL_malloc() etc. in zlib
...
- move zlib_stateful_ex_idx initialization to COMP_zlib()
PR: 1468
2007-02-14 21:52:01 +00:00
Nils Larsch
b900a6b42f
avoid shifting input
2007-02-11 19:33:21 +00:00
Nils Larsch
92ada7cc52
remove unreachable code
2007-02-10 09:45:07 +00:00
Dr. Stephen Henson
52cfa39716
Add -hmac option to dgst from 0.9.7 stable branch.
2007-02-08 19:07:43 +00:00
Nils Larsch
b3bad17d1a
remove unused variable
2007-02-07 20:49:58 +00:00
Richard Levitte
82bf227e91
After objects have been freed, NULLify the pointers so there will be no double
...
free of those objects
2007-02-07 01:42:46 +00:00
Nils Larsch
8807a2dfc4
fix typo
2007-02-06 19:48:42 +00:00
Dr. Stephen Henson
af32f9fdda
Update from fips2 branch.
2007-02-03 17:32:49 +00:00
Nils Larsch
357d5de5b9
add support for DSA with SHA2
2007-02-03 14:41:12 +00:00
Nils Larsch
689f9faba4
fix potential memory leaks
...
PR: 1462
2007-02-03 09:55:42 +00:00
Andy Polyakov
82686bdcaa
Minimize aes_core.c footprint when AES_[en|de]crypt is implemented in
...
assembler.
2007-01-25 20:47:00 +00:00
Andy Polyakov
14b1d089b6
Minor touch to aes-armv4.pl.
2007-01-25 11:28:07 +00:00
Andy Polyakov
a296239bdd
AES for ARMv4.
2007-01-25 10:44:48 +00:00
Andy Polyakov
0b0896cdd2
Minor optimization for sha1-armv4 module.
2007-01-25 10:44:18 +00:00
Dr. Stephen Henson
2d3e956ae0
Update from 0.9.7-stable.
2007-01-23 17:53:48 +00:00
Andy Polyakov
36b7c06975
SHA1 for ARMv4 and Thumb.
2007-01-22 20:33:46 +00:00
Dr. Stephen Henson
560b79cbff
Constify version strings and some structures.
2007-01-21 13:07:17 +00:00
Andy Polyakov
64aecc6720
Make armv4t-mont module backward binary compatible with armv4 and rename it
...
accordingly.
2007-01-17 20:12:41 +00:00
Andy Polyakov
43b8fe1cd0
Montgomery multiplication for ARMv4.
2007-01-11 21:43:25 +00:00
Andy Polyakov
5c914f204a
#include <stddef.h> in digest headers.
...
Submitted by: Kurt Roeckx <kurt@roeckx.be>
2006-12-29 14:51:42 +00:00
Andy Polyakov
8876e58f34
Montgomery multiplication for MIPS III/IV. Not engaged.
2006-12-29 11:09:33 +00:00
Andy Polyakov
7321a84d4c
Minor clean-up in crypto/bn/asm.
2006-12-29 11:05:20 +00:00
Andy Polyakov
bb11c28246
Minor clean-up in crypto/engine.
2006-12-29 10:55:43 +00:00
Andy Polyakov
00b4e083fd
Move eng_padlock.c to ./engines.
...
Submitted by: Michal Ludvig <michal@logix.cz>
2006-12-29 10:42:24 +00:00
Andy Polyakov
4cfe3df1f5
Minor performance improvements to x86-mont.pl.
2006-12-28 12:43:16 +00:00
Andy Polyakov
8f2d60ec26
Fix for "strange errors" exposed by ccgost engine. The fix is
...
two extra insructions in sqradd loop at line #503 .
2006-12-27 10:59:51 +00:00
Richard Levitte
423a5d54a1
Synchronise a bit more with Unixly build
2006-12-26 21:20:15 +00:00
Richard Levitte
ea46f5e0e5
Replace strdup() with BUF_strdup().
2006-12-25 09:43:46 +00:00
Richard Levitte
7f6c848242
Synchronise with Unixly build, again ;-)
2006-12-24 20:25:51 +00:00
Dr. Stephen Henson
559d50138f
Add bit I missed from PKCS#7 streaming encoder.
2006-12-24 16:46:47 +00:00
Dr. Stephen Henson
11d8cdc6ad
Experimental streaming PKCS#7 support.
...
I thought it was about time I dusted this off. This stuff had been sitting on
my hard drive for *ages* (2003 in fact). Hasn't been tested well and may not
work properly.
Nothing uses it at present which is just as well.
Think of this as a traditional Christmas present which looks far more
impressive in the adverts and on the box, some of the bits are missing and
falls to bits if you play with it too much.
2006-12-24 16:22:56 +00:00
Richard Levitte
e49978dafe
Synchronise with Unixly build
2006-12-24 09:27:23 +00:00
Andy Polyakov
e1d9e533b5
Oops! New prototype code creeped through...
2006-12-22 15:47:01 +00:00
Andy Polyakov
f946dd7198
Make sha.h more "portable."
2006-12-22 15:42:06 +00:00
Andy Polyakov
1702c8c4bf
x86-mont.pl sse2 tune-up and integer-only squaring procedure.
2006-12-22 15:28:07 +00:00
Nils Larsch
b0ec114685
fix order
...
PR: 1442
2006-12-21 19:50:48 +00:00
Nils Larsch
c92da5a605
update
2006-12-21 19:48:47 +00:00
Nils Larsch
06e2dd037e
add support for ecdsa-with-sha256 etc.
2006-12-20 08:58:54 +00:00
Nils Larsch
34f0a19309
remove trailing '\'
...
PR: 1438
2006-12-19 19:49:02 +00:00
Bodo Möller
772e3c07b4
Fix the BIT STRING encoding of EC points or parameter seeds
...
(need to prevent the removal of trailing zero bits).
2006-12-19 15:11:37 +00:00
Nils Larsch
360ff3cf58
fix order
2006-12-18 22:20:27 +00:00
Nils Larsch
91b73acb19
use const ASN1_TIME *
2006-12-11 22:35:51 +00:00
Andy Polyakov
87d3af6475
Eliminate 64-bit alignment limitation in sparcv9a-mont.
2006-12-08 15:18:41 +00:00
Andy Polyakov
98939a05b6
alpha-mont.pl: gcc portability fix and make-rule.
2006-12-08 14:18:58 +00:00
Andy Polyakov
d28134b8f3
Minor, +10%, tune-up for x86_64-mont.pl.
2006-12-08 10:13:51 +00:00
Andy Polyakov
8583eba015
Montgomery multiplication routine for Alpha.
2006-12-08 10:12:56 +00:00
Dr. Stephen Henson
5894b98f99
Update from 0.9.7-stable branch.
2006-12-07 13:29:08 +00:00
Dr. Stephen Henson
5de3a0ff3d
Sync OID NIDs with OpenSSL 0.9.8.
2006-12-06 13:44:21 +00:00
Dr. Stephen Henson
10ca15f3fa
Fix change to OPENSSL_NO_RFC3779
2006-12-06 13:36:48 +00:00
Nils Larsch
fa9ac569b8
avoid duplicate entries in add_cert_dir()
...
PR: 1407
Submitted by: Tomas Mraz <tmraz@redhat.com>
2006-12-05 21:21:37 +00:00
Nils Larsch
0f997d0dc3
allocate a new attributes entry in X509_REQ_add_extensions()
...
if it's NULL (in case of a malformed pkcs10 request)
PR: 1347
Submitted by: Remo Inverardi <invi@your.toilet.ch>
2006-12-04 19:11:57 +00:00
Nils Larsch
b0eedd77f6
add "Certificate Issuer" and "Subject Directory Attributes" OIDs
...
PR: 1433
2006-12-04 18:51:06 +00:00
Andy Polyakov
502aef5aaf
Eliminate redundant variable in Camellia CBC routine.
2006-12-02 11:52:50 +00:00
Andy Polyakov
9f8cfb1c62
Improve Camellia code readability.
2006-12-02 11:12:13 +00:00
Andy Polyakov
c163b5f7a0
Fix bugs in Camellia CBC routine.
2006-12-02 10:56:45 +00:00
Andy Polyakov
20da8b8f90
Camellia portability fixes.
...
Submitted by: Masashi Fujita, NTT
2006-12-02 10:38:40 +00:00
Dr. Stephen Henson
4d7aff707e
Update dependencies.
2006-11-30 13:41:47 +00:00
Dr. Stephen Henson
d137b56a5b
Win32 fixes from stable branch.
2006-11-30 13:39:34 +00:00
Nils Larsch
7806f3dd4b
replace macros with functions
...
Submitted by: Tracy Camp <tracyx.e.camp@intel.com>
2006-11-29 20:54:57 +00:00
Andy Polyakov
73b979e601
Clarify HAL SPARC64 support situation in sparcv9a-mont.pl.
2006-11-28 11:07:36 +00:00
Andy Polyakov
ebae8092cb
Minor optimizations based on intruction level profiler feedback.
2006-11-28 10:34:51 +00:00
Andy Polyakov
2e21922eb6
Modulo-schedule loops in sparcv9a-mont.pl. Overall improvement factor
...
over 0.9.8 is up to 3x on USI&II cores and up to 80% - on USIII&IV.
2006-11-28 07:24:26 +00:00
Andy Polyakov
1c3d2b94be
This is "informational" commit. Its mere purpose is to expose "modulo
...
factor" in inner loops.
2006-11-28 07:20:36 +00:00
Andy Polyakov
48d2335d73
Non-SSE2 path to bn_mul_mont. But it's disabled, because it currently
...
doesn't give performance improvement.
2006-11-27 14:59:35 +00:00
Ben Laurie
96ea4ae91c
Add RFC 3779 support.
2006-11-27 14:18:05 +00:00
Andy Polyakov
7af5726108
sha512-ppc.pl mutli-thread safety fix.
2006-11-27 13:11:15 +00:00
Nils Larsch
69d4646f4e
register the engine as default engine in ENGINE_set_default()
...
PR: 1431
2006-11-24 18:37:43 +00:00
Dr. Stephen Henson
47a9d527ab
Update from 0.9.8 stable. Eliminate duplicate error codes.
2006-11-21 21:29:44 +00:00
Dr. Stephen Henson
14975faa60
Remove illegal IMPLEMENT macros from header file.
2006-11-16 00:55:33 +00:00
Dr. Stephen Henson
3f12464861
Remove redundant PREDECLARE statement.
2006-11-16 00:52:49 +00:00
Dr. Stephen Henson
de12116417
Initial, incomplete support for typesafe macros without using function
...
casts.
2006-11-16 00:19:39 +00:00
Dr. Stephen Henson
28b987aec9
Don't assume requestorName is present for signed requests. ASN1 OCSP module
...
fix: certs field is OPTIONAL.
2006-11-13 13:21:47 +00:00
Dr. Stephen Henson
fb596f3bb7
OCSP library tidy. Use extension to encode OCSP extensions instead of doing
...
it manually. Make OCSP_CERTID_dup() a real function instead of a macro.
2006-11-13 13:18:28 +00:00
Ben Laurie
84948b39df
Fix various warnings.
2006-11-08 09:45:12 +00:00
Dr. Stephen Henson
ad0e439604
Avoid shadow warning.
2006-11-07 16:20:14 +00:00
Nils Larsch
1611b9ed80
remove SSLEAY_MACROS code
2006-11-06 19:53:39 +00:00
Nils Larsch
05cfe06607
fix OPENSSL_NO_foo defines
2006-10-27 21:25:53 +00:00
Dr. Stephen Henson
b37a68cc8f
Initialize old_priv_encode, old_priv_decode.
2006-10-27 11:43:27 +00:00
Andy Polyakov
5b50f99e1e
Further mingw build procedure updates.
2006-10-24 22:14:20 +00:00
Andy Polyakov
a6efc2d1b8
Fix mingw warnings.
2006-10-23 07:41:05 +00:00
Andy Polyakov
08a638237d
Allow for mingw cross-compile configuration.
2006-10-23 07:30:19 +00:00
Andy Polyakov
3634d7e97a
Gcc over-optimizes PadLock AES CFB codepath, tell it not to.
2006-10-19 20:55:05 +00:00
Andy Polyakov
53d7efea76
Temporary fix for sha256 IA64 assembler.
2006-10-18 09:42:56 +00:00
Andy Polyakov
002684d693
Fix bug in big-endian path and optimize it for size.
2006-10-18 08:15:16 +00:00
Andy Polyakov
c038b8aa56
Typo in perlasm/x86asm.pl.
2006-10-17 16:21:28 +00:00
Andy Polyakov
c5f17d45c1
Further synchronizations with md32_common.h update, consistent naming
...
for low-level SHA block routines.
2006-10-17 16:13:18 +00:00
Andy Polyakov
31439046e0
bn/asm/ppc.pl to use ppc-xlate.pl.
2006-10-17 14:37:07 +00:00
Andy Polyakov
11d0ebc841
Further synchronizations with md32_common.h update.
2006-10-17 13:38:10 +00:00
Andy Polyakov
cecfdbf72d
VIA-specific Montgomery multiplication routine.
2006-10-17 07:04:48 +00:00
Andy Polyakov
f0f61f6d0d
Synchronize SHA1 assembler with md32_common.h update.
2006-10-17 07:00:23 +00:00
Andy Polyakov
d68ff71004
Support for .asciz directive in perlasm modules.
2006-10-17 06:43:11 +00:00
Andy Polyakov
591e85e928
Linking errors on IA64 and typo in aes-ia64.S.
2006-10-17 06:41:27 +00:00
Andy Polyakov
c69ed6ea39
Re-implement md32_common.h [make it simpler!] and eliminate code rendered
...
redundant as result.
2006-10-11 11:55:11 +00:00
Dr. Stephen Henson
55a08fac68
Typo.
2006-10-05 21:59:50 +00:00
Nils Larsch
2fc281d01f
return an error if the supplied precomputed values lead to an invalid signature
2006-10-04 19:37:17 +00:00
Bodo Möller
d326582cab
ASN1_item_verify needs to initialize ctx before any "goto err" can
...
happen; the new code for the OID cross reference table failed to do so.
2006-10-04 06:14:36 +00:00
Dr. Stephen Henson
f4c630abb3
Place standard CRL behaviour in default X509_CRL_METHOD new functions to
...
create, free and set default CRL method.
2006-10-03 02:47:59 +00:00
Mark J. Cox
c2cccfc585
Initialise ctx to NULL to avoid uninitialized free, noticed by
...
Steve Kiernan
2006-09-29 08:21:41 +00:00
Bodo Möller
5e3225cc44
Introduce limits to prevent malicious keys being able to
...
cause a denial of service. (CVE-2006-2940)
[Steve Henson, Bodo Moeller]
2006-09-28 13:45:34 +00:00
Mark J. Cox
348be7ec60
Fix ASN.1 parsing of certain invalid structures that can result
...
in a denial of service. (CVE-2006-2937) [Steve Henson]
2006-09-28 13:20:44 +00:00
Dr. Stephen Henson
019bfef899
Initialize new callbacks and make sure hent is always initialized.
2006-09-26 13:25:19 +00:00
Richard Levitte
0709249f4c
Complete the change for VMS.
2006-09-25 08:35:35 +00:00
Dr. Stephen Henson
5b73c3609b
Using correct lock for X509_REQ.
...
PR:1348
2006-09-22 17:06:09 +00:00
Dr. Stephen Henson
eebeb52b29
Update length if copying MSB set in asn1_string_canon().
2006-09-22 13:37:15 +00:00
Dr. Stephen Henson
44181ea836
Add missing prototype. Fix various warnings (C++ comments, ; outside function).
2006-09-21 13:24:46 +00:00
Dr. Stephen Henson
c80c7bf999
Make int_rsa_sign function match prototype.
...
PR: 1383
2006-09-21 13:11:24 +00:00
Dr. Stephen Henson
ffa5ebf3f4
Compile in gost engine.
2006-09-21 13:07:57 +00:00
Dr. Stephen Henson
1182301ca7
Do CRL method init after other operations.
2006-09-21 12:48:56 +00:00
Dr. Stephen Henson
010fa0b331
Tidy up CRL handling by checking for critical extensions when it is
...
loaded. Add new function X509_CRL_get0_by_serial() to lookup a revoked
entry to avoid the need to access the structure directly.
Add new X509_CRL_METHOD to allow common CRL operations (verify, lookup) to be
redirected.
2006-09-21 12:42:15 +00:00
Andy Polyakov
4b67fefe5a
Remove x86ms.pl and reimplement x86*.pl.
2006-09-18 19:17:09 +00:00
Andy Polyakov
3a8012cbf2
Improve 386 portability of aes-586.pl.
2006-09-18 19:13:15 +00:00
Bodo Möller
a53cdc5b08
Ensure that the addition mods[i]+delta cannot overflow in probable_prime().
...
[Problem pointed out by Adam Young <adamy (at) acm.org>]
2006-09-18 14:00:49 +00:00
Dr. Stephen Henson
5d20c4fb35
Overhaul of by_dir code to handle dynamic loading of CRLs.
2006-09-17 17:16:28 +00:00
Dr. Stephen Henson
bc7535bc7f
Support for AKID in CRLs and partial support for IDP. Overhaul of CRL
...
handling to support this.
2006-09-14 17:25:02 +00:00
Dr. Stephen Henson
016bc5ceb3
Fixes for new CRL/cert callbacks. Update CRL processing code to use new
...
callbacks.
2006-09-11 13:00:52 +00:00
Dr. Stephen Henson
4d50a2b4d6
Add verify callback functions to lookup a STACK of matching certs or CRLs
...
based on subject name.
New thread safe functions to retrieve matching STACK from X509_STORE.
Cache some IDP components.
2006-09-10 12:38:37 +00:00
Bodo Möller
7f4301668f
Make sure the int_rsa_verify() prototype matches the implementation
...
(m_len currently is 'unsigned int', not 'size_t')
Submitted by: Gisle Vanem
2006-09-08 06:00:40 +00:00
Bodo Möller
2952886010
Remove non-functional part of recent patch, after discussion with
...
Colin Percival (this would have caused more problems than solved,
and isn't really necessary anyway)
2006-09-06 06:43:11 +00:00
Mark J. Cox
b79aa05e3b
Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
...
(CVE-2006-4339)
Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
2006-09-05 08:58:03 +00:00
Andy Polyakov
500b5a181d
Rewrite sha1-586.pl.
2006-08-31 21:27:30 +00:00
Andy Polyakov
2b8a5406f9
Fix bug in aes-586.pl.
2006-08-31 21:15:38 +00:00
Andy Polyakov
2f35ae90fe
Fix bug in x86unix.pl introduced in latest update.
...
PR: 1380
2006-08-31 21:12:17 +00:00
Dr. Stephen Henson
02c9b66a6c
Fix C++ style comments, change assert to OPENSSL_assert, stop warning with
...
pedantic mode.
2006-08-31 20:56:20 +00:00
Dr. Stephen Henson
539d4c1030
Fix leak
2006-08-31 20:10:37 +00:00
Ben Laurie
aa6d1a0c19
Forward port of IGE mode.
2006-08-31 14:04:04 +00:00
Ben Laurie
777c47acbe
Make things static that should be. Declare stuff in headers that should be.
...
Fix warnings.
2006-08-28 17:01:04 +00:00
Ulf Möller
1c23bc5670
Use gmtime on cygwin
...
Submitted by: Corinna Vinschen
2006-08-13 09:03:38 +00:00
Andy Polyakov
8ea975d070
+20% tune-up for Power5.
2006-08-09 15:40:30 +00:00
Andy Polyakov
6c69aa532e
Revised AES_cbc_encrypt in x86 assembler module.
2006-08-07 09:05:52 +00:00
Andy Polyakov
fc92414273
Agressively prefetch S-box in SSE codepatch, relax alignment requirement,
...
check for SSE bit instead of MMX, as pshufw was introduces in PIII, minor
optimization, typos...
2006-08-02 22:38:16 +00:00
Andy Polyakov
53154d71c3
Switch to compact S-box when generating AES key schedule.
2006-08-02 07:46:56 +00:00
Andy Polyakov
8cebec9802
Switch to compact S-box when generating AES key schedule.
2006-08-01 22:10:39 +00:00
Andy Polyakov
c8a0d0aaf9
Engage assembler in solaris64-x86_64-cc.
2006-07-31 22:28:40 +00:00
Andy Polyakov
0cc46efa09
perlasm/x86unix.pl update.
2006-07-31 22:26:40 +00:00
Andy Polyakov
22c268e6c9
Next generation aes-586.pl featuring AES_[en|de]crypt, accessing exclusively
...
256 byte S-box. AES_cbc_encrypt needs further work as it should also use
slow routines when processing smaller amount of data.
2006-07-31 20:03:56 +00:00
Dr. Stephen Henson
f6e7d01450
Support for multiple CRLs with same issuer name in X509_STORE. Modify
...
verify logic to try to use an unexpired CRL if possible.
2006-07-25 17:39:38 +00:00
Dr. Stephen Henson
edc540211c
Cache some CRL related extensions.
2006-07-24 12:39:22 +00:00
Dr. Stephen Henson
2eed3a3cc8
Avoid warning.
2006-07-21 22:46:19 +00:00
Dr. Stephen Henson
786aa98da1
Use correct pointer types for various functions.
2006-07-20 16:56:47 +00:00
Bodo Möller
413e0853d7
New Camellia implementation (replacing previous version)
...
Submitted by: NTT
2006-07-19 13:38:26 +00:00
Dr. Stephen Henson
450ea83495
Store canonical encodings of Name structures. Update X509_NAME_cmp() to use
...
them.
2006-07-18 12:36:19 +00:00
Andy Polyakov
af8c1d81a3
Reimplement outer rounds as "compact" in x86 assembler. This has rather
...
strong impact on decrypt performance, 20-25%. One probably should consider
switching between slower and faster routines depending on how much data
we were asked to process.
2006-07-18 10:05:38 +00:00
Dr. Stephen Henson
b589427941
WIN32 fixes signed/unsigned issues and slightly socket semantics.
2006-07-17 18:52:51 +00:00
Dr. Stephen Henson
f0fa285f75
Update .cvsignore again.
2006-07-17 16:42:06 +00:00
Dr. Stephen Henson
a0b5b07010
Update .cvsignore
2006-07-17 16:40:20 +00:00
Dr. Stephen Henson
5c95c2ac23
Fix various error codes to match functions.
2006-07-17 16:33:31 +00:00
Dr. Stephen Henson
c1c6c0bf45
New non-blocking OCSP functionality.
2006-07-17 12:18:28 +00:00
Andy Polyakov
dff2922aa7
Add option for "compact" rounds to aes_x86core.c. "Compact" rounds are
...
those referencing compact, 256-byte, S-boxes.
2006-07-14 09:57:55 +00:00
Dr. Stephen Henson
31780d0e26
Bugfix: don't look in internal table for signature if found in application
...
supplied list.
2006-07-12 16:30:40 +00:00
Dr. Stephen Henson
29cf84c692
New docs for EVP_Digest{Sign,Verify}*() function. Update existing docs.
2006-07-12 12:31:30 +00:00
Dr. Stephen Henson
b7683e3a5d
Allow digests to supply S/MIME micalg values from a ctrl.
...
Send ctrls to EVP_PKEY_METHOD during signing of PKCS7 structure so
customisation is possible.
2006-07-10 18:36:55 +00:00
Dr. Stephen Henson
0ee2166cc5
New functions to add and free up application defined signature OIDs.
2006-07-09 16:05:43 +00:00
Dr. Stephen Henson
067707e367
Set detached flag in PKCS7 structure earlier to avoid eating up memory.
...
PR: 1071
2006-07-09 12:02:08 +00:00
Dr. Stephen Henson
5ba4bf35c5
New functions to enumerate digests and ciphers.
2006-07-09 00:53:45 +00:00
Andy Polyakov
86bdc0a3ee
Fix compiler warnings.
2006-07-04 20:29:50 +00:00
Andy Polyakov
1a4e245f3e
Unsigned vs signed comparison warning.
2006-07-04 20:29:14 +00:00
Andy Polyakov
975efcbaee
Typos(?) in HEAD/crypto/evp/p_lib.c.
2006-07-04 20:27:44 +00:00
Dr. Stephen Henson
90e1b1fd7d
dsa_pub_cmp() doesn't need to check parameters because that is done in
...
EVP_PKEY_cmp().
2006-07-02 21:13:39 +00:00
Dr. Stephen Henson
86207c1960
Make return value from EVP_PKEY_cmp() and EVP_PKEY_cmp_parameters() consistent.
2006-07-02 21:12:40 +00:00
Andy Polyakov
9c62bca11a
Prepare playground for AES experimental code.
2006-07-02 09:18:00 +00:00
Bodo Möller
3df760b83a
use <poll.h> as by Single Unix Specification
2006-06-30 08:14:39 +00:00
Bodo Möller
e34aa5a3b3
always read in RAND_poll() if we can't use select because of a too
...
large FD: it's non-blocking mode anyway
2006-06-28 14:50:12 +00:00
Andy Polyakov
985e4c4154
Mitigate the hazard of cache-collision timing attack on last round. The
...
only chance for T[ed]4 to get evicted in this module is when its cache
"overlaps" with last 128 bits of key schedule.
2006-06-28 08:52:16 +00:00
Andy Polyakov
9598fa8759
Mitigate the hazard of cache-collision timing attack on last round. Well,
...
prefetch could have been moved closer to Td4 references. Something for
later consideration...
2006-06-28 08:48:54 +00:00
Andy Polyakov
ac8173515a
Mitigate cache-collision timing attack on last round.
2006-06-28 08:39:06 +00:00
Dr. Stephen Henson
944f858021
Fix EVP_PKEY_CTX_dup() to return correct value and handle NULL keys in
...
the source.
2006-06-27 17:23:24 +00:00
Richard Levitte
27a3d9f9aa
Use poll() when possible to gather Unix randomness entropy
2006-06-27 06:31:34 +00:00
Bodo Möller
48fc582f66
New functions CRYPTO_set_idptr_callback(),
...
CRYPTO_get_idptr_callback(), CRYPTO_thread_idptr() for a 'void *' type
thread ID, since the 'unsigned long' type of the existing thread ID
does not always work well.
2006-06-23 15:21:36 +00:00
Bodo Möller
c4e7870ac1
Change array representation of binary polynomials to make GF2m part of
...
the BN library more generally useful.
Submitted by: Douglas Stebila
2006-06-18 22:00:57 +00:00
Bodo Möller
4584eccea0
another thread-safety fix
2006-06-16 01:00:47 +00:00
Bodo Möller
675f605d44
Thread-safety fixes
2006-06-14 08:55:23 +00:00
Richard Levitte
1a159e08af
Keep synchronised with Unix
2006-06-12 06:46:18 +00:00
Bodo Möller
dd030860c4
Camellia cipher, contributed by NTT
...
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-11 01:09:07 +00:00
Richard Levitte
2d09372434
Keep synchronised with the Unix build
2006-06-10 05:38:23 +00:00
Bodo Möller
67912e0032
Camellia cipher, contributed by NTT
...
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-09 22:29:40 +00:00
Bodo Möller
f3dea9a595
Camellia cipher, contributed by NTT
...
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-09 15:44:59 +00:00
Dr. Stephen Henson
fb7b393278
Output MIME parameter micalg according to RFC3851 and RFC4490 instead of hard
...
coding it to "sha1".
2006-06-06 13:27:36 +00:00
Dr. Stephen Henson
61e5ec4b1e
Add AES and GOST S/MIME capabilities if algorithms are supported.
2006-06-06 12:35:05 +00:00
Andy Polyakov
6f344eab03
Fix obvious typo.
2006-06-05 16:04:09 +00:00
Dr. Stephen Henson
41eacc84a0
Clarify comment and add #ifdef.
2006-06-05 12:38:22 +00:00
Dr. Stephen Henson
01b8b3c7d2
Complete EVP_PKEY_ASN1_METHOD ENGINE support.
2006-06-05 11:52:46 +00:00
Andy Polyakov
8fecd4b4f1
Sync aes.h with http://cvs.openssl.org/chngview?cn=15336 .
2006-06-05 10:43:41 +00:00
Andy Polyakov
41fc5f2dbe
Reimplement AES_ofb128_encrypt.
2006-06-05 10:40:54 +00:00
Andy Polyakov
bcfd3d68f5
Correct logical error in STRICT_ALIGNMENT check and remove copy of
...
eay licence, as module is practically rewritten from scratch [well,
even original submission was obviously "almost, but not quite,
entirely unlike" any other eay *_cfb.c module, not to mention new
functions].
2006-06-05 10:40:28 +00:00
Andy Polyakov
d3a6461d71
Minor ppc-xlate.pl update.
2006-06-05 09:42:31 +00:00
Andy Polyakov
17478fdede
Add sha512-ppc.pl module.
2006-06-05 09:37:55 +00:00
Andy Polyakov
4dca00cec8
Minor sha1-ppc.pl update.
2006-06-05 09:35:50 +00:00
Richard Levitte
061d774b99
A few more ENGINE strings that need shortening.
2006-06-04 08:22:25 +00:00
Richard Levitte
20469da285
Synchronise with Unix
2006-06-03 02:17:49 +00:00
Dr. Stephen Henson
e18e3eba76
Make update.
2006-06-02 17:54:47 +00:00
Dr. Stephen Henson
de9fcfe348
Initial public key ASN1 method engine support. Not integrated yet.
2006-06-02 17:52:27 +00:00
Dr. Stephen Henson
7e5b06813d
Automatically free up dynamically allocated public key methods when
...
and ENGINE is destroyed.
2006-06-02 17:09:17 +00:00
Dr. Stephen Henson
1892c8bf97
Extend default method string to include public key methods.
...
Add missing prototypes.
Fix engine method lookup.
2006-06-02 13:09:59 +00:00
Dr. Stephen Henson
5e428e7d0d
Typo.
2006-06-02 12:37:02 +00:00
Dr. Stephen Henson
c9777d2659
Add ENGINE support for EVP_PKEY_METHOD including lookups of ENGINE
...
implementations and functional reference counting when a context
is allocated, free or copied.
2006-06-02 12:33:39 +00:00
Richard Levitte
3aedd213a9
Synchronise with the Unixly build.
2006-06-01 12:50:56 +00:00
Dr. Stephen Henson
e0c1ea9038
Fix error code. make update
2006-06-01 12:43:39 +00:00
Dr. Stephen Henson
6f88c6a634
Add missing prototype. Extend engine utility to print public key algorithms.
2006-06-01 12:38:22 +00:00
Dr. Stephen Henson
58aa573ac2
Add engine table for EVP_PKEY_METHOD. Doesn't do much yet.
2006-06-01 11:38:50 +00:00
Dr. Stephen Henson
b28dea4e10
New pkey functions for keygen callbacks and retrieving operation type.
2006-05-31 17:34:14 +00:00
Andy Polyakov
21f0db692d
Tune up AES CFB. Performance improvement varies from 10% to 50% from
...
platform to platform. Its absolute value is within few percents
marginal from that of ECB.
2006-05-30 07:20:13 +00:00
Richard Levitte
25074d6c22
Deal with another name that's longer than 31 characters.
2006-05-28 19:39:36 +00:00
Richard Levitte
0cfc80c4c3
rslen is unsigned, so it can never go below 0.
2006-05-28 19:36:29 +00:00
Dr. Stephen Henson
994df5a248
Flush p7bio when all data has been copied.
2006-05-26 17:14:23 +00:00
Dr. Stephen Henson
3207e61222
Add prototypes, update Win32 ordinals.
2006-05-25 11:44:05 +00:00
Richard Levitte
3671233089
Keep in sync with Unix
2006-05-25 10:40:01 +00:00
Dr. Stephen Henson
3a828611e9
Update EVP_MD_CTX_copy_ex() to use EVP_PKEY_CTX_dup().
2006-05-25 00:55:00 +00:00
Dr. Stephen Henson
8bdcef40e4
New function to dup EVP_PKEY_CTX. This will be needed to make new signing
...
functions and EVP_MD_CTX_copy work properly.
2006-05-24 23:49:30 +00:00
Dr. Stephen Henson
91c9e62123
New functions for enchanced digest sign/verify.
2006-05-24 17:30:09 +00:00
Dr. Stephen Henson
0e3453536e
Fix warnings.
2006-05-24 13:29:32 +00:00
Dr. Stephen Henson
eaff5a1412
Use size_t for new crypto size parameters.
2006-05-24 12:33:46 +00:00
Dr. Stephen Henson
0965991600
Add ctrl to EVP_MD and EVP_PKEY_CTX to EVP_MD_CTX. These will be used
...
for enhanced sign/verify operations.
2006-05-22 13:01:01 +00:00
Dr. Stephen Henson
5531192151
Add -resign and -md options to smime command to support resigning an
...
existing structure and using alternative digest for signing.
2006-05-18 23:44:44 +00:00
Dr. Stephen Henson
a620626a33
Code tidy.
2006-05-18 18:06:03 +00:00
Dr. Stephen Henson
f13a71c66b
Typo.
2006-05-18 17:46:56 +00:00
Dr. Stephen Henson
3ef3e07a49
make update
2006-05-18 17:22:31 +00:00
Dr. Stephen Henson
76fa8f1838
More S/MIME tidy. Place some common attribute operations in utility
...
functions.
2006-05-18 17:20:23 +00:00
Dr. Stephen Henson
f2b139ed1f
Remove old digest type hacks for non RSA keys.
2006-05-18 13:05:20 +00:00
Dr. Stephen Henson
76d6ac4b06
PKCS#12 mac key length should equal digest length.
2006-05-17 18:19:51 +00:00
Dr. Stephen Henson
60f20632e2
Tidy up of S/MIME code and add new functions which will make is easier
...
to create S/MIME signed data with multiple signers.
2006-05-17 17:17:01 +00:00
Dr. Stephen Henson
ae519a247f
Extended PBES2 function supporting application supplied IV and PRF NID.
2006-05-17 12:47:17 +00:00
Dr. Stephen Henson
1631d5f9b9
HMAC OIDs from RFC4231.
2006-05-17 12:27:45 +00:00
Dr. Stephen Henson
6d3a1eac3b
Add PRF preference ctrl to ciphers.
2006-05-15 18:35:13 +00:00
Dr. Stephen Henson
b8f702a0af
Change builting PBE to use static table. Add entries for HMAC and MD5, GOST.
2006-05-15 17:34:36 +00:00
Dr. Stephen Henson
43c9825c2a
Update old **EVIL** PEM_X509_INFO_read_bio() function to correctly assign
...
private keys.
FIXME: this function should really be rewritten because it is *horrible*.
2006-05-15 13:28:00 +00:00
Dr. Stephen Henson
3f36baa9f4
Correctly handle missing DSA parameters.
2006-05-15 01:26:52 +00:00
Dr. Stephen Henson
b0e69a0500
Add feature to PKCS12_create() if the encryption NID corresponds to a
...
supported encryption algorithm instead of a PBE NID then use that
algorithm with PBES2.
2006-05-15 00:45:10 +00:00
Dr. Stephen Henson
856640b54f
Extend PBE code to support non default PKCS#5 v2.0 PRFs.
2006-05-14 18:40:53 +00:00
Dr. Stephen Henson
76240b3a39
Check for deprecated private key types before PKCS#8 types.
2006-05-14 18:35:42 +00:00
Richard Levitte
98bf13c36b
make update
2006-05-12 15:31:28 +00:00
Richard Levitte
7e76e56387
Someone made a mistake, and some function and reason codes got
...
duplicate numbers. Renumbering.
2006-05-12 15:27:52 +00:00
Dr. Stephen Henson
7f57b076a6
New functions to get key types without dereferncing EVP_PKEY.
...
More error checking for RSA pmeth.
2006-05-11 21:33:00 +00:00
Dr. Stephen Henson
7144c4212a
Update PKCS#7 decrypt routines to use new API.
2006-05-08 16:38:19 +00:00
Dr. Stephen Henson
399a6f0bd1
Update PKCS#7 enveloped data to new API.
2006-05-08 12:44:25 +00:00
Dr. Stephen Henson
3d47929968
Update S/MIME code to use default digest.
2006-05-07 17:22:58 +00:00
Dr. Stephen Henson
03919683f9
Add support for default public key digest type ctrl.
2006-05-07 17:09:39 +00:00
Andy Polyakov
67d990904e
Futher minor PPC assembler update.
2006-05-04 21:30:41 +00:00
Andy Polyakov
c09a0318b7
Minor PPC assembler updates.
2006-05-03 14:07:34 +00:00
Andy Polyakov
fe716ba686
PPC assembler distiller update.
2006-05-03 13:39:34 +00:00
Dr. Stephen Henson
e881f6175a
Update from stable branch.
2006-05-03 13:19:06 +00:00
Andy Polyakov
a9c32ace06
SHA1 for PowerPC.
2006-05-01 13:35:03 +00:00
Andy Polyakov
2c5d4daac5
Yet another "teaser" Montgomery multiplication module, for PowerPC.
2006-04-30 21:15:29 +00:00
Dr. Stephen Henson
b46343583c
Update EVP_PKEY_cmp() and X509_check_private() to return sensible values and
...
handle unsupported key types.
2006-04-28 12:27:37 +00:00
Dr. Stephen Henson
a78568b7e9
Replace RSA specific PKCS7_RECIP_INFO set up with an public key algorithm
...
ctrl.
2006-04-27 18:20:34 +00:00
Dr. Stephen Henson
ee5b2a1e51
Code tidy.
2006-04-27 00:42:51 +00:00
Dr. Stephen Henson
e4b21c74fc
New function to extract AlgorithmIdentifier for PKCS7_RECIP_INFO.
2006-04-27 00:29:50 +00:00
Dr. Stephen Henson
4edcb93dca
Don't free up parameter. The public key ASN1 method can do that if it needs
...
to.
2006-04-27 00:20:43 +00:00
Dr. Stephen Henson
81cebb8b79
Add prototypes and pkey accessor function for EVP_PKEY_CTX.
2006-04-26 11:52:36 +00:00
Dr. Stephen Henson
a4e75b3dfd
Correct copyright notice... this doesn't contain any SSLeay code.
2006-04-24 00:07:26 +00:00
Dr. Stephen Henson
cddaba8ede
Add 'flags' parameter to EVP_PKEY_asn1_meth_new() to set algorithm flags.
2006-04-21 17:38:58 +00:00
Nils Larsch
49c5f38d3d
undo accidental commit
2006-04-20 13:54:34 +00:00
Nils Larsch
f8296228f1
as we encrypt every bit separately we need to loop through the number
...
of bits; thanks to Michael McDougall <mmcdouga@saul.cis.upenn.edu>
PR: 1318
2006-04-20 13:11:52 +00:00
Nils Larsch
930b0c4b8a
make local function static
2006-04-20 09:53:49 +00:00
Dr. Stephen Henson
3d153f7985
Remove dss1 hack from S/MIME code.
2006-04-19 17:47:15 +00:00
Dr. Stephen Henson
ee1d9ec019
Remove link between digests and signature algorithms.
...
Use cross reference table in ASN1_item_sign(), ASN1_item_verify() to eliminate
the need for algorithm specific code.
2006-04-19 17:05:59 +00:00
Dr. Stephen Henson
614b448a67
Remove comment from SSLeay days about EVP_PKEY_METHOD.
2006-04-19 12:16:58 +00:00
Richard Levitte
a784b943c1
Synchronise with Unixly build.
...
(Geez, a lot is happening right now, eh? :-))
2006-04-19 06:44:07 +00:00
Dr. Stephen Henson
d202709808
Add OID cross reference table.
...
Fix some typos in GOST OIDs.
Update dependencies.
2006-04-18 23:36:07 +00:00
Richard Levitte
51ff0abb05
Synchronise
2006-04-17 17:19:59 +00:00
Dr. Stephen Henson
492a9e2415
Allow public key ASN1 methods to set PKCS#7 SignerInfo structures.
2006-04-17 17:12:23 +00:00
Dr. Stephen Henson
c20276e4ae
Fix (most) WIN32 warnings and errors.
2006-04-17 12:08:22 +00:00
Dr. Stephen Henson
9ca7047d71
Provisional support for EC pkey method, supporting ECDH and ECDSA.
2006-04-16 16:15:59 +00:00
Andy Polyakov
ba3b2f1538
SHA-1 for x86_64.
2006-04-16 14:42:54 +00:00
Dr. Stephen Henson
b010b7c434
Use more flexible method of determining output length, by setting &outlen
...
value of the passed output buffer is NULL.
The old method of using EVP_PKEY_size(pkey) isn't flexible enough to cover all
cases where the output length may depend on the operation or the parameters
associated with it.
2006-04-15 18:50:56 +00:00
Dr. Stephen Henson
9dc17a2536
Fix from 0.9.7-stable branch.
2006-04-15 17:43:43 +00:00
Dr. Stephen Henson
5950bf7943
Revert to original...
2006-04-15 13:15:25 +00:00
Dr. Stephen Henson
4141c803d8
Oops...
2006-04-15 13:12:42 +00:00
Dr. Stephen Henson
09b88a4a55
Update copyright notices on a few files where all original SSLeay code has
...
been deleted.
2006-04-14 17:36:18 +00:00
Dr. Stephen Henson
f3481ca28f
Print out zero length string properly.
2006-04-14 16:47:18 +00:00
Dr. Stephen Henson
ba30bad57b
Add functions to allow setting and adding external EVP_PKEY_METHOD.
2006-04-14 12:41:35 +00:00
Dr. Stephen Henson
ffb1ac674c
Complete key derivation support.
2006-04-13 20:16:56 +00:00
Dr. Stephen Henson
3be34589e8
Update dependencies.
2006-04-13 13:00:45 +00:00
Dr. Stephen Henson
d87e615209
Add key derivation support.
2006-04-13 12:56:41 +00:00
Richard Levitte
7b82159865
Synchronise what what's happening with the Unix build
2006-04-13 09:59:52 +00:00
Dr. Stephen Henson
52c11dce31
Typo.
2006-04-13 00:26:05 +00:00
Dr. Stephen Henson
3ba0885a3e
Extend DH ASN1 method, add DH EVP_PKEY_METHOD.
2006-04-12 23:51:24 +00:00
Dr. Stephen Henson
023c9d8dd5
Fix leak.
2006-04-12 23:38:45 +00:00
Dr. Stephen Henson
4c97a04e2e
PKCS#3 DH PKCS#8 ASN1 support.
2006-04-12 23:06:10 +00:00
Dr. Stephen Henson
ceb4678956
Extend DH ASN1 method to support public key encode/decode and parameter
...
utilities.
2006-04-12 17:14:48 +00:00
Dr. Stephen Henson
0cb8499b73
Compare parameters when comparing public keys.
2006-04-12 17:01:19 +00:00
Dr. Stephen Henson
4d62ec32e0
Add file dso_beos.c missing from original commit.
...
PR: 1312
2006-04-12 11:46:16 +00:00
Dr. Stephen Henson
75ef718820
Support for DSA keygen, fix for genpkey.
2006-04-12 11:14:11 +00:00
Dr. Stephen Henson
c927df3fa1
Initial DSA EVP_PKEY_METHOD. Fixup some error codes.
2006-04-12 10:20:47 +00:00
Ulf Möller
4700aea951
Add BeOS support.
...
PR: 1312
Submitted by: Oliver Tappe <zooey@hirschkaefer.de>
Reviewed by: Ulf Moeller
2006-04-11 21:34:21 +00:00
Ulf Möller
0ef888cd3e
Use Dl_info only on systems where it is known to exist. It does not
...
exist on AIX 4.3.3, AIX 5.1, SCO 5, or Cygwin.
2006-04-11 21:00:13 +00:00
Ulf Möller
26c777d516
uncomment; that one slipped through
2006-04-11 20:09:31 +00:00
Ulf Möller
9555339007
improve make dclean to remove files generated during build
...
PR: 1308
Submitted by: Oliver Tappe <zooey@hirschkaefer.de>
Reviewed by: Ulf Moeller
2006-04-11 20:05:23 +00:00
Dr. Stephen Henson
54d853ebc3
Add support for setting keybits and public exponent value for pkey RSA keygen.
2006-04-11 17:28:37 +00:00
Dr. Stephen Henson
f5cda4cbb1
Initial keygen support.
2006-04-11 13:28:52 +00:00
Dr. Stephen Henson
f9a6348a53
ctrls to set PSS salt length.
2006-04-10 12:55:04 +00:00
Dr. Stephen Henson
a7ffd9d19c
Preliminary PSS support.
2006-04-10 12:41:21 +00:00
Dr. Stephen Henson
29db322e8f
Beginnings of PSS support.
2006-04-10 11:48:35 +00:00
Richard Levitte
25dc89eb9b
Synchronise with the Unix build
2006-04-10 11:39:49 +00:00
Dr. Stephen Henson
716630c0eb
Change operation values so they can be used as a mask.
...
Fix rsa_pkey_method.
2006-04-10 11:16:11 +00:00
Dr. Stephen Henson
4f59b6587f
Implementation of pkey_rsa_verify. Some constification.
2006-04-10 01:06:17 +00:00
Dr. Stephen Henson
9befdf1d20
New utility function to reverse a buffer, either by copying or in-place.
2006-04-10 00:11:30 +00:00
Dr. Stephen Henson
75d44c0452
Store digests as EVP_MD instead of a NID.
...
Add digest size sanity checks.
2006-04-09 21:24:48 +00:00
Dr. Stephen Henson
a58a636838
Constification.
2006-04-09 20:53:19 +00:00
Dr. Stephen Henson
9fdab72dd7
Bugfix X9.31 padding.
2006-04-09 20:44:00 +00:00
Dr. Stephen Henson
b2a97be7f4
Support for digest signing and X931 in rsa_pkey_meth.
2006-04-09 19:17:25 +00:00
Dr. Stephen Henson
6471c9f478
Add checking to padding ctrl.
2006-04-09 12:53:55 +00:00
Dr. Stephen Henson
4a3dc3c0e3
Add RSA ctrl for padding mode, add ctrl support in pkeyutl.
2006-04-09 12:42:09 +00:00
Dr. Stephen Henson
8cd44e3630
Implement encrypt/decrypt using RSA.
2006-04-08 13:02:04 +00:00
Dr. Stephen Henson
07e970c7e6
Initial functions for RSA EVP_PKEY_METHOD.
...
Update dependencies.
2006-04-08 00:15:07 +00:00
Dr. Stephen Henson
d1aa0d38c5
If <operatio>_init function is zero interpret as noop.
2006-04-07 23:11:49 +00:00
Dr. Stephen Henson
9e4d0f0be2
New utility 'pkeyutl' a general purpose version of 'rsautl'.
2006-04-07 19:33:28 +00:00
Dr. Stephen Henson
cd7638980a
Include EVP_PKEY argument in EVP_PKEY_CTX_new(). This avoids the
...
need for a separate EVP_PKEY parameter in the other operation
initialization routines.
2006-04-07 17:28:56 +00:00
Dr. Stephen Henson
f733a5ef0e
Initial functions for main EVP_PKEY_METHOD operations.
...
No method implementations yet.
2006-04-07 16:42:09 +00:00
Dr. Stephen Henson
5da98aa687
Updated to EVP_PKEY_METHOD code... still doesn't do much.
2006-04-06 17:32:43 +00:00
Dr. Stephen Henson
0b6f3c66cd
Initial definitions and a few functions for EVP_PKEY_METHOD: an extension
...
of the EVP routines to public key algorithms.
2006-04-06 13:02:06 +00:00
Dr. Stephen Henson
e46691a0bc
New function to add dynamic alias.
2006-04-05 13:24:19 +00:00
Dr. Stephen Henson
732a40e107
Last arg to EVP_PKEY_assign() should be void *.
2006-04-05 13:04:02 +00:00
Dr. Stephen Henson
29da3ade3c
Rebuild mac table to avoid duplicates.
2006-04-05 12:09:09 +00:00
Dr. Stephen Henson
de908d6319
Typos in a few OID names.
2006-04-05 12:06:32 +00:00
Dr. Stephen Henson
9c9c98ad2e
Typo.
2006-04-05 12:00:22 +00:00
Dr. Stephen Henson
5e0e9fce5d
Minor object name edit.
2006-04-05 11:29:31 +00:00
Dr. Stephen Henson
863779065e
Fix dynamic public key method lookup.
2006-04-04 18:32:19 +00:00
Dr. Stephen Henson
0b33dac310
New function to retrieve ASN1 info on public key algorithms. New command
...
line option to print out info.
2006-04-04 18:16:03 +00:00
Dr. Stephen Henson
228b4e426b
Update and add last (?) set of GOST OIDs.
2006-04-04 15:53:21 +00:00
Dr. Stephen Henson
362ab3e4f9
More GOST OIDs
2006-04-02 13:22:39 +00:00
Dr. Stephen Henson
2aed84d16b
Add GOST parameter set OIDs.
2006-04-02 03:01:27 +00:00
Dr. Stephen Henson
5deea1c015
Don't free up key in priv_decode.
2006-03-31 18:16:22 +00:00
Dr. Stephen Henson
99516f81b1
Initialize pval.
2006-03-31 18:11:54 +00:00
Richard Levitte
d6091d5a39
If we declare a function, like d2i_TS_MSG_IMPRINT_bio(), we'd better
...
*define* it too, or things like shared libraries might be a bit sad.
2006-03-31 12:25:24 +00:00
Dr. Stephen Henson
5a47825ece
Fix gost OIDs.
2006-03-31 10:57:32 +00:00
Dr. Stephen Henson
531308d929
Fix typo.
2006-03-29 15:58:55 +00:00
Dr. Stephen Henson
74e564cd46
Add some GOST OIDs.
2006-03-29 13:02:21 +00:00
Dr. Stephen Henson
42eae426df
Add missing function declaration.
2006-03-29 12:18:26 +00:00
Dr. Stephen Henson
246e09319c
Fix bug where freed OIDs could be accessed in EVP_cleanup() by
...
defering freeing in OBJ_cleanup().
2006-03-28 17:23:48 +00:00
Dr. Stephen Henson
3e4585c8fd
New utility pkeyparam. Enhance and bugfix algorithm specific parameter
...
functions to support it.
2006-03-28 14:35:32 +00:00
Dr. Stephen Henson
db98bbc114
Initial support for generalized public key parameters.
2006-03-24 13:46:58 +00:00
Dr. Stephen Henson
e42633140e
Add support for legacy PEM format private keys in EVP_PKEY_ASN1_METHOD.
2006-03-23 18:02:23 +00:00
Dr. Stephen Henson
bd50e31325
Typo.
2006-03-23 14:08:33 +00:00
Dr. Stephen Henson
b2c0518e6a
Fix bug in DSA, EC methods.
2006-03-23 14:04:39 +00:00
Dr. Stephen Henson
d82e2718e2
Add information and pem strings. Update dependencies.
2006-03-23 11:54:51 +00:00
Dr. Stephen Henson
18e377b4ff
Make EVP_PKEY_ASN1_METHOD opaque. Add application level functions to
...
initialize it. Initial support for application added public key ASN1.
2006-03-22 17:59:49 +00:00
Richard Levitte
043b2e9c2e
Keep up with the changes in the Unix build system.
2006-03-22 14:31:03 +00:00
Dr. Stephen Henson
1b593194be
Move algorithm specific print code from crypto/asn1/t_pkey.c to separate
...
*_prn.c files in each algorithm directory.
2006-03-22 13:34:19 +00:00
Dr. Stephen Henson
35208f368c
Gather printing routines into EVP_PKEY_ASN1_METHOD.
2006-03-22 13:09:35 +00:00