Dr. Stephen Henson
08df41277a
PR: 1904
...
Submitted by: David Woodhouse <dwmw2@infradead.org>
Pass passphrase minimum length down to UI.
2010-03-27 19:31:55 +00:00
Dr. Stephen Henson
ac495542a6
PR: 1813
...
Submitted by: Torsten Hilbrich <torsten.hilbrich@secunet.com>
Fix memory leak when engine name cannot be loaded.
2010-03-27 18:28:02 +00:00
Dr. Stephen Henson
085e5f4859
update FAQ
2010-03-25 12:08:19 +00:00
Bodo Möller
3e8b6485b3
Fix for "Record of death" vulnerability CVE-2010-0740.
...
Also, add missing CHANGES entry for CVE-2009-3245 (code changes submitted to this branch on 23 Feb 2010),
and further harmonize this version of CHANGES with the versions in the current branches.
2010-03-25 11:25:30 +00:00
Dr. Stephen Henson
f2e8488b85
initialise buf if wrong_info not used
2010-03-24 23:42:05 +00:00
Dr. Stephen Henson
a3a06e6543
PR: 1731 and maybe 2197
...
Clear error queue in a few places in SSL code where errors are expected
so they don't stay in the queue.
2010-03-24 23:17:15 +00:00
Andy Polyakov
26c00de46d
rand_win.c: fix logical bug in readscreen.
2010-03-22 22:44:22 +00:00
Andy Polyakov
3dd303129f
bss_file.c: fix MSC 6.0 warning.
2010-03-22 22:38:56 +00:00
Andy Polyakov
c3473126b1
GHASH assembler: new ghash-sparcv9.pl module and saner descriptions.
2010-03-22 17:24:18 +00:00
Andy Polyakov
82f385d71d
e_capi.c: fix typo.
2010-03-15 22:28:48 +00:00
Andy Polyakov
f2fccce4bd
Fix UPLINK typo.
2010-03-15 22:25:57 +00:00
Andy Polyakov
480cd6ab6e
ghash-ia64.pl: new file, GHASH for Itanium.
...
ghash-x86_64.pl: minimize stack frame usage.
ghash-x86.pl: modulo-scheduling MMX loop in respect to input vector
results in up to 10% performance improvement.
2010-03-15 19:07:52 +00:00
Dr. Stephen Henson
6c6bdd543d
workaround for missing definition in some headers
2010-03-15 13:10:08 +00:00
Dr. Stephen Henson
e19f6678f5
print signature parameters with CRLs too
2010-03-14 13:10:48 +00:00
Dr. Stephen Henson
624fbfcadb
free up sigopts STACK
2010-03-14 13:09:00 +00:00
Dr. Stephen Henson
510777f2fc
clear bogus errors in ca utility
2010-03-14 13:07:48 +00:00
Dr. Stephen Henson
be449448dc
update CHANGES
2010-03-14 12:55:15 +00:00
Dr. Stephen Henson
4c623cddbe
add -sigopt option to ca utility
2010-03-14 12:54:45 +00:00
Dr. Stephen Henson
8d207ee3d1
add X509_CRL_sign_ctx function
2010-03-14 12:52:38 +00:00
Dr. Stephen Henson
cdb182b55a
new sigopt and PSS support for req and x509 utilities
2010-03-12 14:41:00 +00:00
Dr. Stephen Henson
00947cea0c
PR: 2192
...
Submitted By: Jaroslav Imrich <jaroslav.imrich@disig.sk>
The prompt_info and wrong_info parameters can be empty strings which
can produce confusing prompts. Treat empty string same as NULL.
2010-03-12 12:48:32 +00:00
Dr. Stephen Henson
e45c32fabf
missing goto meant signature was never printed out
2010-03-12 12:06:48 +00:00
Mark J. Cox
fb75f349b7
This entry was in 0.9.8m changelog but missing from here, since it's
...
security relevent we'd better list it.
2010-03-12 08:36:44 +00:00
Dr. Stephen Henson
a907165250
Submitted by: Martin Kaiser
...
Reject PSS signatures with unsupported trailer value.
2010-03-11 23:11:36 +00:00
Dr. Stephen Henson
e62774c3b9
alg2 can be NULL
2010-03-11 19:27:03 +00:00
Andy Polyakov
f093794e55
Add GHASH x86_64 assembler.
2010-03-11 16:19:46 +00:00
Dr. Stephen Henson
f26cf9957f
typo
2010-03-11 14:19:46 +00:00
Dr. Stephen Henson
17c63d1cca
RSA PSS ASN1 signing method
2010-03-11 14:06:46 +00:00
Dr. Stephen Henson
877669d69c
typo
2010-03-11 14:04:54 +00:00
Dr. Stephen Henson
1c8d92997d
ctrl operations to retrieve RSA algorithm settings
2010-03-11 13:55:18 +00:00
Dr. Stephen Henson
bf8883b351
Add support for new PSS functions in RSA EVP_PKEY_METHOD
2010-03-11 13:45:42 +00:00
Dr. Stephen Henson
e8254d406f
Extend PSS padding code to support different digests for MGF1 and message.
2010-03-11 13:40:42 +00:00
Dr. Stephen Henson
85522a074c
Algorithm specific ASN1 signing functions.
2010-03-11 13:32:38 +00:00
Dr. Stephen Henson
31d66c2a98
update cms code to use X509_ALGOR_set_md instead of internal function
2010-03-11 13:29:39 +00:00
Dr. Stephen Henson
ce25c7207b
New function X509_ALGOR_set_md() to set X509_ALGOR (DigestAlgorithmIdentifier)
...
from a digest algorithm.
2010-03-11 13:27:05 +00:00
Dr. Stephen Henson
77163b6234
don't leave bogus errors in the queue
2010-03-10 13:48:09 +00:00
Andy Polyakov
e3a510f8a6
Add GHASH x86 assembler.
2010-03-09 23:03:33 +00:00
Dr. Stephen Henson
b17bdc7734
PR: 2188
...
Submitted By: Jaroslav Imrich <jaroslav.imrich@disig.sk>
Add "missing" functions to get and set prompt constructor.
2010-03-09 17:24:33 +00:00
Dr. Stephen Henson
a0e4a8e10a
PR: 2186
...
Submitted By: "Joel Rabinovitch" <Joel.Rabinovitch@tecsys.com>
Detect aix64-gcc
2010-03-09 17:08:48 +00:00
Dr. Stephen Henson
d6eebf6d8a
reserve a few more bits for future cipher modes
2010-03-08 23:48:21 +00:00
Andy Polyakov
2262beef2e
gcm128.c: add option for streamed GHASH, simple benchmark, minor naming
...
change.
2010-03-08 22:44:37 +00:00
Dr. Stephen Henson
31904ecdf3
RSA PSS verification support including certificates and certificate
...
requests. Add new ASN1 signature initialisation function to handle this
case.
2010-03-08 18:10:35 +00:00
Dr. Stephen Henson
a4d9c12f99
correct error code
2010-03-08 18:07:05 +00:00
Dr. Stephen Henson
809cd0a22d
print outermost signature algorithm parameters too
2010-03-07 17:02:47 +00:00
Dr. Stephen Henson
bea29921a8
oops
2010-03-07 16:41:54 +00:00
Dr. Stephen Henson
7ed485bc9f
The OID sanity check was incorrect. It should only disallow *leading* 0x80
...
values.
2010-03-07 16:40:05 +00:00
Dr. Stephen Henson
069d4cfea5
although AES is a variable length cipher, AES EVP methods have a fixed key length
2010-03-07 15:54:26 +00:00
Dr. Stephen Henson
49436b59b5
oops, make EVP ctr mode work again
2010-03-07 15:52:41 +00:00
Dr. Stephen Henson
9ef6fe8c2e
typo
2010-03-07 15:37:37 +00:00
Dr. Stephen Henson
63b825c9d4
add separate PSS decode function, rename PSS parameters to RSA_PSS_PARAMS
2010-03-07 13:34:51 +00:00