wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
10667 commits 20 branches 302 tags 153 MiB
Commit graph

10667 commits

This branch
This branch
All branches
Author SHA1 Message Date
Andy Polyakov
9ee5916d97 aesni-x86[_64].pl: fix bug in CCM code. 2011-10-14 09:15:19 +00:00
Andy Polyakov
af9b610cef Remove eng_aesni.c as AES-NI support is integrated directly at EVP. 2011-10-13 19:46:44 +00:00
Bodo Möller
8bfc6479a8 use -no_ecdhe when using -no_dhe 2011-10-13 15:07:08 +00:00
Bodo Möller
4f2015742d Oops - ectest.c finds further problems beyond those exposed by bntext.c 2011-10-13 14:29:59 +00:00
Bodo Möller
0a06ad76a1 Avoid failed assertion in BN_DEBUG builds 2011-10-13 14:21:39 +00:00
Bodo Möller
bf6d2f986d Make CTR mode behaviour consistent with other modes: 
- clear ctx->num in EVP_CipherInit_ex
- adapt e_eas.c changes from http://cvs.openssl.org/chngview?cn=19816
  for eng_aesni.c

Submitted by: Emilia Kasper
 2011-10-13 13:41:34 +00:00
Bodo Möller
9d74befd23 Clarify warning 2011-10-13 13:27:09 +00:00
Bodo Möller
8b37d33a94 typo 2011-10-13 13:20:33 +00:00
Bodo Möller
3ddc06f082 In ssl3_clear, preserve s3->init_extra along with s3->rbuf. 
Submitted by: Bob Buckholz <bbuckholz@google.com>
 2011-10-13 13:05:58 +00:00
Bodo Möller
cdfe0fdde6 Fix OPENSSL_BN_ASM_MONT5 for corner cases; add a test. 
Submitted by: Emilia Kasper
 2011-10-13 12:35:10 +00:00
Dr. Stephen Henson
5936521495 Print curve type for signature tests. 2011-10-12 22:41:33 +00:00
Dr. Stephen Henson
35882b60d8 increase test RSA key size to 1024 bits 2011-10-12 21:55:03 +00:00
Dr. Stephen Henson
ce01482e0f Update README.FIPS for new FIPS 2.0 testvectors. 2011-10-12 18:48:01 +00:00
Dr. Stephen Henson
7fc78f11e8 Remove o_init.o special case from Makefile: this doesn't work. 2011-10-12 17:27:08 +00:00
Dr. Stephen Henson
98bc806749 Skip ECDH sanity check. Add --compare-all to run comparison tests on 
all files instead of sanity checks.
 2011-10-12 17:18:38 +00:00
Dr. Stephen Henson
a2b6dc97f6 Handle partial test where H is absent: needed to check g generation. 2011-10-12 17:03:15 +00:00
Dr. Stephen Henson
df36faaaa2 Update instructions. 2011-10-12 15:35:34 +00:00
Dr. Stephen Henson
e15acd9d9e Updates to handle some verification of v2 tests. 
Now enable v2 by default and require a --disable-v2 option to run the
old v1 tests.
 2011-10-12 15:33:54 +00:00
Dr. Stephen Henson
a854818ea9 Handle broken test on verify too. 2011-10-12 15:32:57 +00:00
Dr. Stephen Henson
c1f63b5cb3 ECDH POST selftest failure inducing support. 2011-10-12 13:17:19 +00:00
Dr. Stephen Henson
cf61940534 Fix warnings. 2011-10-12 13:06:45 +00:00
Dr. Stephen Henson
dafd5b5d74 Only include one ECDH selftest. 2011-10-12 12:55:58 +00:00
Andy Polyakov
6c8ce3c2ff e_padlock-x86[_64].pl: protection against prefetch errata. 2011-10-11 21:07:53 +00:00
Dr. Stephen Henson
3231e42d72 update pkey method initialisation and copy 2011-10-11 18:15:31 +00:00
Dr. Stephen Henson
cd366cf7ec print out subgroup order if present 2011-10-11 17:44:26 +00:00
Dr. Stephen Henson
a59163f6b6 def_rsa_finish not used any more. 2011-10-10 20:35:09 +00:00
Dr. Stephen Henson
fe4394cf1d remove some debugging code 2011-10-10 19:09:01 +00:00
Dr. Stephen Henson
84a75ba38c fix leak properly this time... 2011-10-10 14:08:55 +00:00
Dr. Stephen Henson
eb47b2fb13 add GCM ciphers in SSL_library_init 2011-10-10 12:56:18 +00:00
Dr. Stephen Henson
a0f21307e0 disable GCM if not available 2011-10-10 12:41:11 +00:00
Dr. Stephen Henson
7d7c13cbab Don't disable TLS v1.2 by default now. 2011-10-09 23:26:39 +00:00
Dr. Stephen Henson
0feb83e222 Synv ordinals with 1.0.1-stable. 2011-10-09 23:16:20 +00:00
Dr. Stephen Henson
ccbb9badba fix CHANGES entry 2011-10-09 23:11:55 +00:00
Dr. Stephen Henson
42753a4f67 fix memory leaks 2011-10-09 23:08:15 +00:00
Andy Polyakov
b1d3e9de63 e_padlock-x86_64.pl: brown-bag bug in stack pointer handling. 2011-10-09 21:53:53 +00:00
Dr. Stephen Henson
7bd4095b12 Sync ordinals with 1.0.1-stable. 2011-10-09 15:29:43 +00:00
Dr. Stephen Henson
58b75e9c26 PR: 2482 
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann.
 2011-10-09 00:56:52 +00:00
Andy Polyakov
08d62e9f1a e_padlock-x86[_64].pl: SHA fixes, comply with specification and fix bug. 2011-10-08 21:37:44 +00:00
Dr. Stephen Henson
549cd657fd Add fips/ecdh directory. 2011-10-07 18:18:50 +00:00
Dr. Stephen Henson
43206a2d7c New -force_pubkey option to x509 utility to supply a different public 
key to the one in a request. This is useful for cases where the public
key cannot be used for signing e.g. DH.
 2011-10-07 15:18:09 +00:00
Dr. Stephen Henson
6dd547398a use client version when eliminating TLS v1.2 ciphersuites in client hello 2011-10-07 15:07:19 +00:00
Dr. Stephen Henson
66bb328e11 ? crypto/aes/aes-armv4.S 
? crypto/aes/aesni-sha1-x86_64.s
? crypto/aes/aesni-x86_64.s
? crypto/aes/foo.pl
? crypto/aes/vpaes-x86_64.s
? crypto/bn/.bn_lib.c.swp
? crypto/bn/armv4-gf2m.S
? crypto/bn/diffs
? crypto/bn/modexp512-x86_64.s
? crypto/bn/x86_64-gf2m.s
? crypto/bn/x86_64-mont5.s
? crypto/ec/bc.txt
? crypto/ec/diffs
? crypto/modes/a.out
? crypto/modes/diffs
? crypto/modes/ghash-armv4.S
? crypto/modes/ghash-x86_64.s
? crypto/modes/op.h
? crypto/modes/tst.c
? crypto/modes/x.h
? crypto/objects/.obj_xref.txt.swp
? crypto/rand/diffs
? crypto/sha/sha-512
? crypto/sha/sha1-armv4-large.S
? crypto/sha/sha256-armv4.S
? crypto/sha/sha512-armv4.S
Index: crypto/objects/obj_xref.c
===================================================================
RCS file: /v/openssl/cvs/openssl/crypto/objects/obj_xref.c,v
retrieving revision 1.9
diff -u -r1.9 obj_xref.c
--- crypto/objects/obj_xref.c	5 Nov 2008 18:38:58 -0000	1.9
+++ crypto/objects/obj_xref.c	6 Oct 2011 20:30:21 -0000
@@ -110,8 +110,10 @@
 #endif
 	if (rv == NULL)
 		return 0;
-	*pdig_nid = rv->hash_id;
-	*ppkey_nid = rv->pkey_id;
+	if (pdig_nid)
+		*pdig_nid = rv->hash_id;
+	if (ppkey_nid)
+		*ppkey_nid = rv->pkey_id;
 	return 1;
 	}

@@ -144,7 +146,8 @@
 #endif
 	if (rv == NULL)
 		return 0;
-	*psignid = (*rv)->sign_id;
+	if (psignid)
+		*psignid = (*rv)->sign_id;
 	return 1;
 	}

Index: crypto/x509/x509type.c
===================================================================
RCS file: /v/openssl/cvs/openssl/crypto/x509/x509type.c,v
retrieving revision 1.10
diff -u -r1.10 x509type.c
--- crypto/x509/x509type.c	26 Oct 2007 12:06:33 -0000	1.10
+++ crypto/x509/x509type.c	6 Oct 2011 20:36:04 -0000
@@ -100,20 +100,26 @@
 		break;
 		}

-	i=X509_get_signature_type(x);
-	switch (i)
+	i=OBJ_obj2nid(x->sig_alg->algorithm);
+	if (i && OBJ_find_sigid_algs(i, NULL, &i))
 		{
-	case EVP_PKEY_RSA:
-		ret|=EVP_PKS_RSA;
-		break;
-	case EVP_PKEY_DSA:
-		ret|=EVP_PKS_DSA;
-		break;
-	case EVP_PKEY_EC:
-		ret|=EVP_PKS_EC;
-		break;
-	default:
-		break;
+
+		switch (i)
+			{
+		case NID_rsaEncryption:
+		case NID_rsa:
+			ret|=EVP_PKS_RSA;
+			break;
+		case NID_dsa:
+		case NID_dsa_2:
+			ret|=EVP_PKS_DSA;
+			break;
+		case NID_X9_62_id_ecPublicKey:
+			ret|=EVP_PKS_EC;
+			break;
+		default:
+			break;
+			}
 		}

 	if (EVP_PKEY_size(pk) <= 1024/8)/* /8 because it's 1024 bits we look
 2011-10-06 20:44:02 +00:00
Andy Polyakov
50452b2e60 e_padlock: add CTR mode. 2011-10-05 17:03:44 +00:00
Andy Polyakov
d18762f7c9 e_padlock-x86_64.pl: fix typo. 2011-10-04 11:21:33 +00:00
Andy Polyakov
149ca7128c e_padlock-x86*.pl: Nano-related update. 2011-10-04 11:05:16 +00:00
Dr. Stephen Henson
4cc2bbab67 Make fips algorithm test utilities use RESP_EOL for end of line character(s). 
This should be CRLF even under *nix.
 2011-10-01 20:42:52 +00:00
Andy Polyakov
04c3aa5c1a e_padlock-x86.pl: previous C3-specific fix was incomplete. 2011-10-01 10:44:51 +00:00
Andy Polyakov
3edc26a256 e_padlock-x86.pl: make it work on VIA C3 (which doesn't support SSE2). 2011-10-01 10:16:13 +00:00
Dr. Stephen Henson
10465aca60 Never echo Num lines for PQGGen DSA2 test. 2011-09-30 11:58:59 +00:00
Dr. Stephen Henson
3f1ebb8f42 make depend 2011-09-29 23:17:59 +00:00