Commit graph

9661 commits

Author SHA1 Message Date
Dr. Stephen Henson
08df41277a PR: 1904
Submitted by: David Woodhouse <dwmw2@infradead.org>

Pass passphrase minimum length down to UI.
2010-03-27 19:31:55 +00:00
Dr. Stephen Henson
ac495542a6 PR: 1813
Submitted by: Torsten Hilbrich <torsten.hilbrich@secunet.com>

Fix memory leak when engine name cannot be loaded.
2010-03-27 18:28:02 +00:00
Dr. Stephen Henson
085e5f4859 update FAQ 2010-03-25 12:08:19 +00:00
Bodo Möller
3e8b6485b3 Fix for "Record of death" vulnerability CVE-2010-0740.
Also, add missing CHANGES entry for CVE-2009-3245 (code changes submitted to this branch on 23 Feb 2010),
and further harmonize this version of CHANGES with the versions in the current branches.
2010-03-25 11:25:30 +00:00
Dr. Stephen Henson
f2e8488b85 initialise buf if wrong_info not used 2010-03-24 23:42:05 +00:00
Dr. Stephen Henson
a3a06e6543 PR: 1731 and maybe 2197
Clear error queue in a few places in SSL code where errors are expected
so they don't stay in the queue.
2010-03-24 23:17:15 +00:00
Andy Polyakov
26c00de46d rand_win.c: fix logical bug in readscreen. 2010-03-22 22:44:22 +00:00
Andy Polyakov
3dd303129f bss_file.c: fix MSC 6.0 warning. 2010-03-22 22:38:56 +00:00
Andy Polyakov
c3473126b1 GHASH assembler: new ghash-sparcv9.pl module and saner descriptions. 2010-03-22 17:24:18 +00:00
Andy Polyakov
82f385d71d e_capi.c: fix typo. 2010-03-15 22:28:48 +00:00
Andy Polyakov
f2fccce4bd Fix UPLINK typo. 2010-03-15 22:25:57 +00:00
Andy Polyakov
480cd6ab6e ghash-ia64.pl: new file, GHASH for Itanium.
ghash-x86_64.pl: minimize stack frame usage.
ghash-x86.pl: modulo-scheduling MMX loop in respect to input vector
results in up to 10% performance improvement.
2010-03-15 19:07:52 +00:00
Dr. Stephen Henson
6c6bdd543d workaround for missing definition in some headers 2010-03-15 13:10:08 +00:00
Dr. Stephen Henson
e19f6678f5 print signature parameters with CRLs too 2010-03-14 13:10:48 +00:00
Dr. Stephen Henson
624fbfcadb free up sigopts STACK 2010-03-14 13:09:00 +00:00
Dr. Stephen Henson
510777f2fc clear bogus errors in ca utility 2010-03-14 13:07:48 +00:00
Dr. Stephen Henson
be449448dc update CHANGES 2010-03-14 12:55:15 +00:00
Dr. Stephen Henson
4c623cddbe add -sigopt option to ca utility 2010-03-14 12:54:45 +00:00
Dr. Stephen Henson
8d207ee3d1 add X509_CRL_sign_ctx function 2010-03-14 12:52:38 +00:00
Dr. Stephen Henson
cdb182b55a new sigopt and PSS support for req and x509 utilities 2010-03-12 14:41:00 +00:00
Dr. Stephen Henson
00947cea0c PR: 2192
Submitted By: Jaroslav Imrich <jaroslav.imrich@disig.sk>

The prompt_info and wrong_info parameters can be empty strings which
can produce confusing prompts. Treat empty string same as NULL.
2010-03-12 12:48:32 +00:00
Dr. Stephen Henson
e45c32fabf missing goto meant signature was never printed out 2010-03-12 12:06:48 +00:00
Mark J. Cox
fb75f349b7 This entry was in 0.9.8m changelog but missing from here, since it's
security relevent we'd better list it.
2010-03-12 08:36:44 +00:00
Dr. Stephen Henson
a907165250 Submitted by: Martin Kaiser
Reject PSS signatures with unsupported trailer value.
2010-03-11 23:11:36 +00:00
Dr. Stephen Henson
e62774c3b9 alg2 can be NULL 2010-03-11 19:27:03 +00:00
Andy Polyakov
f093794e55 Add GHASH x86_64 assembler. 2010-03-11 16:19:46 +00:00
Dr. Stephen Henson
f26cf9957f typo 2010-03-11 14:19:46 +00:00
Dr. Stephen Henson
17c63d1cca RSA PSS ASN1 signing method 2010-03-11 14:06:46 +00:00
Dr. Stephen Henson
877669d69c typo 2010-03-11 14:04:54 +00:00
Dr. Stephen Henson
1c8d92997d ctrl operations to retrieve RSA algorithm settings 2010-03-11 13:55:18 +00:00
Dr. Stephen Henson
bf8883b351 Add support for new PSS functions in RSA EVP_PKEY_METHOD 2010-03-11 13:45:42 +00:00
Dr. Stephen Henson
e8254d406f Extend PSS padding code to support different digests for MGF1 and message. 2010-03-11 13:40:42 +00:00
Dr. Stephen Henson
85522a074c Algorithm specific ASN1 signing functions. 2010-03-11 13:32:38 +00:00
Dr. Stephen Henson
31d66c2a98 update cms code to use X509_ALGOR_set_md instead of internal function 2010-03-11 13:29:39 +00:00
Dr. Stephen Henson
ce25c7207b New function X509_ALGOR_set_md() to set X509_ALGOR (DigestAlgorithmIdentifier)
from a digest algorithm.
2010-03-11 13:27:05 +00:00
Dr. Stephen Henson
77163b6234 don't leave bogus errors in the queue 2010-03-10 13:48:09 +00:00
Andy Polyakov
e3a510f8a6 Add GHASH x86 assembler. 2010-03-09 23:03:33 +00:00
Dr. Stephen Henson
b17bdc7734 PR: 2188
Submitted By: Jaroslav Imrich <jaroslav.imrich@disig.sk>

Add "missing" functions to get and set prompt constructor.
2010-03-09 17:24:33 +00:00
Dr. Stephen Henson
a0e4a8e10a PR: 2186
Submitted By: "Joel Rabinovitch" <Joel.Rabinovitch@tecsys.com>

Detect aix64-gcc
2010-03-09 17:08:48 +00:00
Dr. Stephen Henson
d6eebf6d8a reserve a few more bits for future cipher modes 2010-03-08 23:48:21 +00:00
Andy Polyakov
2262beef2e gcm128.c: add option for streamed GHASH, simple benchmark, minor naming
change.
2010-03-08 22:44:37 +00:00
Dr. Stephen Henson
31904ecdf3 RSA PSS verification support including certificates and certificate
requests. Add new ASN1 signature initialisation function to handle this
case.
2010-03-08 18:10:35 +00:00
Dr. Stephen Henson
a4d9c12f99 correct error code 2010-03-08 18:07:05 +00:00
Dr. Stephen Henson
809cd0a22d print outermost signature algorithm parameters too 2010-03-07 17:02:47 +00:00
Dr. Stephen Henson
bea29921a8 oops 2010-03-07 16:41:54 +00:00
Dr. Stephen Henson
7ed485bc9f The OID sanity check was incorrect. It should only disallow *leading* 0x80
values.
2010-03-07 16:40:05 +00:00
Dr. Stephen Henson
069d4cfea5 although AES is a variable length cipher, AES EVP methods have a fixed key length 2010-03-07 15:54:26 +00:00
Dr. Stephen Henson
49436b59b5 oops, make EVP ctr mode work again 2010-03-07 15:52:41 +00:00
Dr. Stephen Henson
9ef6fe8c2e typo 2010-03-07 15:37:37 +00:00
Dr. Stephen Henson
63b825c9d4 add separate PSS decode function, rename PSS parameters to RSA_PSS_PARAMS 2010-03-07 13:34:51 +00:00