wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
11849 commits 20 branches 302 tags 153 MiB
Commit graph

6087 commits

Author SHA1 Message Date
Andy Polyakov
0d5096fbd6 evp/e_aes_cbc_hmac_sha*.c: additional CTRL to query buffer requirements. 2014-02-05 14:05:08 +01:00
Andy Polyakov
3847d15d6b [aesni|sha*]-mb-x86_64.pl: add data prefetching. 2014-02-05 14:03:35 +01:00
Andy Polyakov
d162584b11 modes/asm/ghash-s390x.pl: +15% performance improvement on z10. 2014-02-02 00:09:17 +01:00
Andy Polyakov
d8ba0dc977 crypto/aes/asm/aesni-x86[_64].pl update, up to 14% improvement on 
Atom Silvermont. On other CPUs one can observe 1% loss on some
algorithms.
 2014-02-01 21:13:49 +01:00
Andy Polyakov
b217ca63b1 crypto/sha/asm/sha1-x86_64.pl update: 
+5% on Atom Silvermont, up to +8% improvement of legacy code.
Harmonize sha1-586.pl and aesni-sha1-x86_86.p with sha1-x86_64.pl.
 2014-02-01 21:07:16 +01:00
Dr. Stephen Henson
e933f91f50 Add loaded dynamic ENGINEs to list. 
Always add a dynamically loaded ENGINE to list. Otherwise it can cause
problems when multiply loaded, especially if it adds new public key methods.
For all current engines we only want a single implementation anyway.
 2014-01-28 13:51:58 +00:00
Dr. Stephen Henson
ec492c8a5a Compare encodings in X509_cmp as well as hash. 2014-01-26 16:29:50 +00:00
Dr. Stephen Henson
9f10e9293b typo 2014-01-12 14:13:48 +00:00
Dr. Stephen Henson
ef643cc7bd Use rdrand as additional entropy source. 
If available rdrand is used as an additional entropy source for the
PRNG and for additional input in FIPS mode.
 2014-01-11 14:19:25 +00:00
Dr. Stephen Henson
8f4077ca69 Fix bug in X509_V_FLAG_IGNORE_CRITICAL CRL handling. 2014-01-09 22:52:49 +00:00
Andy Polyakov
eedab5241e bn/asm/x86_64-mont5.pl: fix compilation error on Solaris. 2014-01-09 13:44:59 +01:00
Andy Polyakov
5dc52b919b PPC assembly pack: relax 64-bit requirement for little-endian support. 2014-01-07 22:44:21 +01:00
Andy Polyakov
1fb83a3bc2 aes/asm/vpaes-ppc.pl: add little-endian support. 2014-01-07 16:48:04 +01:00
Andy Polyakov
ad0d2579cf sha/asm/sha256-armv4.pl: add NEON code path. 
(and shave off cycle even from integer-only code)
 2014-01-04 18:04:53 +01:00
Andy Polyakov
25f7117f0e aesni-sha1-x86_64.pl: refine Atom-specific optimization. 
(and update performance data, and fix typo)
 2014-01-04 17:13:57 +01:00
Andy Polyakov
2f3af3dc36 aesni-sha1-x86_64.pl: add stiched decrypt procedure, 
but keep it disabled, too little gain... Add some Atom-specific
optimization.
 2014-01-03 21:40:08 +01:00
Andy Polyakov
926725b3d7 sparcv9cap.c: omit random detection. 
PR: 3202
 2013-12-28 13:31:14 +01:00
Andy Polyakov
2218c296b4 ARM assembly pack: make it work with older toolchain. 2013-12-28 12:17:08 +01:00
Dr. Stephen Henson
cd30f03ac5 Canonicalise input in CMS_verify. 
If content is detached and not binary mode translate the input to
CRLF format. Before this change the input was verified verbatim
which lead to a discrepancy between sign and verify.
 2013-12-22 00:35:29 +00:00
Dr. Stephen Henson
560b34f2b0 Ignore NULL parameter in EVP_MD_CTX_destroy. 
(cherry picked from commit a6c62f0c25)
 2013-12-20 23:32:25 +00:00
Andy Polyakov
fc0503a25c sha1-x86_64.pl: harmonize Win64 SE handlers for SIMD code pathes. 
(and ensure stack alignment in the process)
 2013-12-18 22:12:08 +01:00
Andy Polyakov
e9c80e04c1 evp/e_[aes|camellia].c: fix typo in CBC subroutine. 
It worked because it was never called.
 2013-12-18 21:42:46 +01:00
Andy Polyakov
f0f4b8f126 PPC assembly pack update addendum. 2013-12-18 21:39:15 +01:00
Andy Polyakov
cdd1acd788 sha512.c: fullfull implicit API contract in SHA512_Transform. 
SHA512_Transform was initially added rather as tribute to tradition
than for practucal reasons. But use was recently found in ssl/s3_cbc.c
and it turned to be problematic on platforms that don't tolerate
misasligned references to memory and lack assembly subroutine.
 2013-12-18 21:27:35 +01:00
Andy Polyakov
128e1d101b PPC assembly pack: improve AIX support (enable vpaes-ppc). 2013-12-18 21:19:08 +01:00
Dr. Stephen Henson
4a253652ee Add opaque ID structure. 
Move the IP, email and host checking fields from the public
X509_VERIFY_PARAM structure into an opaque X509_VERIFY_PARAM_ID
structure. By doing this the structure can be modified in future
without risk of breaking any applications.
(cherry picked from commit adc6bd73e3)

Conflicts:

	crypto/x509/x509_vpm.c
 2013-12-13 15:42:16 +00:00
Dr. Stephen Henson
102302b05b Fix for partial chain notification. 
For consistency with other cases if we are performing
partial chain verification with just one certificate
notify the callback with ok==1.
(cherry picked from commit 852553d9005e13aed7feb986a5d71cb885b994c7)
 2013-12-13 15:39:55 +00:00
Dr. Stephen Henson
8a1956f3ea Don't use rdrand engine as default unless explicitly requested. 
(cherry picked from commit 16898401bd47a153fbf799127ff57fdcfcbd324f)
 2013-12-13 15:39:55 +00:00
Andy Polyakov
41965a84c4 x86_64-xlate.pl: minor update. 2013-12-09 21:23:19 +01:00
Andy Polyakov
ec9cc70f72 bn/asm/x86_64-mont5.pl: add MULX/AD*X code path. 
This also eliminates code duplication between x86_64-mont and x86_64-mont
and optimizes even original non-MULX code.
 2013-12-09 21:02:24 +01:00
Andy Polyakov
d1671f4f1a bn/asm/armv4-mont.pl: add NEON code path. 2013-12-04 22:37:49 +01:00
Andy Polyakov
26e18383ef perlasm/ppc-xlate.pl: add support for AltiVec/VMX and VSX. 
Suggested by: Marcello Cerri
 2013-12-04 22:01:31 +01:00
Andy Polyakov
f586d97191 perlasm/ppc-xlate.pl: improve linux64le support. 
Suggested by: Marcello Cerri
 2013-12-04 21:47:43 +01:00
Andy Polyakov
a61e51220f aes/asm/vpaes-ppc.pl: comply with ABI. 2013-12-04 21:46:40 +01:00
Andy Polyakov
c5d5f5bd0f bn/asm/x86_64-mont5.pl: comply with Win64 ABI. 
PR: 3189
Submitted by: Oscar Ciurana
 2013-12-03 23:59:55 +01:00
Andy Polyakov
8bd7ca9996 crypto/bn/asm/rsaz-x86_64.pl: make it work on Win64. 2013-12-03 22:28:48 +01:00
Andy Polyakov
31ed9a2131 crypto/bn/rsaz*: fix licensing note. 
rsaz_exp.c: harmonize line terminating;
asm/rsaz-*.pl: minor optimizations.
 2013-12-03 22:08:29 +01:00
Andy Polyakov
6efef384c6 bn/asm/rsaz-x86_64.pl: fix prototype. 2013-12-03 09:43:06 +01:00
Andy Polyakov
89bb96e51d vpaes-ppc.pl: fix bug in IV handling and comply with ABI. 2013-11-29 14:40:51 +01:00
Andy Polyakov
b9e87d07cb ppc64-mont.pl: eliminate dependency on GPRs' upper halves. 2013-11-27 22:50:00 +01:00
Andy Polyakov
07f3e4f3f9 Take vpaes-ppc module into loop. 2013-11-27 22:39:13 +01:00
Andy Polyakov
b5c54c914f Add Vector Permutation AES for PPC. 2013-11-27 22:32:56 +01:00
Dr. Stephen Henson
0f7fa1b190 Constify. 
(cherry picked from commit 1abfa78a8b)
 2013-11-14 21:05:36 +00:00
Dr. Stephen Henson
afa23c46d9 Flag to disable automatic copying of contexts. 
Some functions such as EVP_VerifyFinal only finalise a copy of the passed
context in case an application wants to digest more data. Doing this when
it is not needed is inefficient and many applications don't require it.

For compatibility the default is to still finalise a copy unless the
flag EVP_MD_CTX_FLAG_FINALISE is set in which case the passed
context is finalised an *no* further data can be digested after
finalisation.
 2013-11-13 23:48:35 +00:00
Andy Polyakov
2df9ec01d5 srp/srp_grps.h: make it Compaq C-friendly. 
PR: 3165
Submitted by: Daniel Richard G.
 2013-11-12 22:09:55 +01:00
Andy Polyakov
5b63a39241 modes/asm/ghash-alpha.pl: fix typo. 2013-11-12 21:52:18 +01:00
Andy Polyakov
d1cf23ac86 Make Makefiles OSF-make-friendly. 
PR: 3165
 2013-11-12 21:51:37 +01:00
Dr. Stephen Henson
16bc45ba95 Fix memory leak. 2013-11-11 22:39:40 +00:00
Dr. Stephen Henson
85c9ba2342 Support setting of "no purpose" for trust. 
If the oid parameter is set to NULL in X509_add1_trust_object
create an empty list of trusted purposes corresponding to
"no purpose" if trust is checked.
 2013-11-11 22:39:23 +00:00
Dr. Stephen Henson
dd274b1c1c Fix for some platforms where "char" is unsigned. 2013-11-09 15:09:23 +00:00
Dr. Stephen Henson
da15c61608 Add CMS_SignerInfo_get0_signature function. 
Add function to retrieve the signature from a CMS_SignerInfo structure:
applications can then read or modify it.
 2013-11-09 15:09:23 +00:00
Dr. Stephen Henson
534e5fabad Check for missing components in RSA_check. 2013-11-09 15:09:23 +00:00
Andy Polyakov
33446493f4 modes/asm/ghash-alpha.pl: make it work with older assembler for real. 
PR: 3165
 2013-11-09 11:41:59 +01:00
Andy Polyakov
d24d1d7daf modes/asm/ghash-alpha.pl: make it work with older assembler. 
PR: 3165
 2013-11-08 22:56:44 +01:00
Dr. Stephen Henson
b0513fd2bb Initialise context before using it. 
(cherry picked from commit a4947e4e06)
 2013-11-06 13:19:13 +00:00
Ben Laurie
c10e3f0cff PBKDF2 should be efficient. Contributed by Christian Heimes 
<christian@python.org>.
 2013-11-03 17:23:50 +00:00
Robin Seggelmann
b814081136 DTLS/SCTP struct authchunks Bug 
PR: 2809

DTLS/SCTP requires DATA and FORWARD-TSN chunks to be protected with
SCTP-AUTH.  It is checked if this has been activated successfully for
the local and remote peer. Due to a bug, however, the
gauth_number_of_chunks field of the authchunks struct is missing on
FreeBSD, and was therefore not considered in the OpenSSL implementation.
This patch sets the corresponding pointer for the check correctly
whether or not this bug is present.
(cherry picked from commit f596e3c491)
 2013-11-01 21:41:52 +00:00
Andy Polyakov
fb65e65e28 sha/asm/sha512-ppc.pl: fix typo. 
Submitted by: Marcelo Cerri
 2013-10-31 20:21:54 +01:00
Andy Polyakov
0e0a105364 perlas/ppc-xlate.pl: fix typo. 2013-10-31 11:58:50 +01:00
Andy Polyakov
c944f81703 aes/asm/aes-ppc.pl: add little-endian support. 
Submitted by: Marcelo Cerri
 2013-10-31 11:41:26 +01:00
Andy Polyakov
8ff8a829b0 perlasm/ppc-xlate.pl: add .quad directive 
sha/asm/sha512-ppc.pl: add little-endian support.

Submitted by: Marcelo Cerri
 2013-10-31 11:08:51 +01:00
Andy Polyakov
3f9562a669 sha/asm/sha1-ppc.pl: add little-endian support. 
Submitted by: Marcelo Cerri
 2013-10-31 11:07:38 +01:00
Andy Polyakov
4eeb750d20 bn/asm/x86_64-mont.pl: minor optimization [for Decoded ICache]. 2013-10-25 10:14:20 +02:00
Lubomir Rintel
ed77017b59 POD: Fix list termination 
This fixes problems in POD list formatting: extra or missing =back
sequences.

doc/ssl/SSL_CTX_set1_curves.pod around line 90: =back without =over
doc/ssl/SSL_CTX_set1_verify_cert_store.pod around line 73: =back without =over
doc/ssl/SSL_CTX_add1_chain_cert.pod around line 82: =back without =over
doc/crypto/evp.pod around line 40: '=item' outside of any '=over'
crypto/des/des.pod around line 184: You forgot a '=back' before '=head1'

PR#3147
 2013-10-22 07:38:25 +01:00
Dr. Stephen Henson
c051e521a7 Time value for various platforms. 
The function gettimeofday() is not supported on all platforms. Use
more portable versions. Adapted from FIPS code.
 2013-10-20 22:07:36 +01:00
Andy Polyakov
76c15d790e PPC assembly pack: make new .size directives profiler-friendly. 
Suggested by: Anton Blanchard
 2013-10-15 23:40:12 +02:00
Dr. Stephen Henson
579a759071 Fix warning. 2013-10-15 11:33:30 +01:00
Dr. Stephen Henson
da317b94d9 Add test vectors from RFC7027 2013-10-15 11:33:30 +01:00
Dr. Stephen Henson
7f5fd314c0 Sync OID numbers with 1.0.2 branch. 2013-10-15 11:33:30 +01:00
Andy Polyakov
d6019e1654 PPC assembly pack: add .size directives. 2013-10-15 00:14:39 +02:00
Andy Polyakov
30b9c2348d bn/asm/*x86_64*.pl: correct assembler requirement for ad*x. 2013-10-14 22:41:00 +02:00
Andy Polyakov
039081b809 Initial aarch64 bits. 2013-10-13 19:15:15 +02:00
Andy Polyakov
0c2adb0a9b MIPS assembly pack: get rid of deprecated instructions. 
Latest MIPS ISA specification declared 'branch likely' instructions
obsolete. To makes code future-proof replace them with equivalent.
 2013-10-13 13:14:52 +02:00
Andy Polyakov
b4f0abd246 evp/e_aes_cbc_hmac_sha*.c: limit multi-block fragmentation to 1KB. 
Excessive fragmentation put additional burden (of addtional MAC
calculations) on the other size and limiting fragments it to 1KB
limits the overhead to ~6%.
 2013-10-12 22:10:28 +02:00
Andy Polyakov
7e1e3334f6 aes/asm/bsaes-x86_64.pl: fix Windows-specific bug in XTS. 
PR: 3139
 2013-10-12 21:37:55 +02:00
Andy Polyakov
fa104be35e bn/asm/rsax-avx2.pl: minor optimization [for Decoded ICache]. 2013-10-10 23:06:43 +02:00
Andy Polyakov
37de2b5c1e bn/bn_exp.c: prefer MULX/AD*X over AVX2. 2013-10-09 11:08:52 +02:00
Andy Polyakov
a69c0a1be5 evp/e_aes_cbc_hmac_sha*.c: harmonize names, fix bugs. 2013-10-08 23:39:26 +02:00
Andy Polyakov
b1de640f03 evp/evp.h: add multi-block contstants and parameter type. 2013-10-08 23:38:05 +02:00
Andy Polyakov
61ba602af5 sha/asm/sha*-mb-x86_64.pl: commentary update. 2013-10-08 23:36:55 +02:00
Ben Laurie
c45a48c186 Constification. 2013-10-07 12:45:26 +01:00
Andy Polyakov
6f6a613032 aes/asm/bsaes-*.pl: improve decrypt performance. 
Improve decrypt performance by 10-20% depending on platform. Thanks
to Jussi Kivilinna for providing valuable hint. Also thanks to Ard
Biesheuvel.
 2013-10-03 23:08:31 +02:00
Andy Polyakov
524b00c0da evp/e_des3.c: fix typo with potential integer overflow on 32-bit platforms. 
Submitted by: Yuriy Kaminskiy
 2013-10-03 10:55:49 +02:00
Andy Polyakov
6b2cae0c16 perlasm/sparcv9_modes.pl: make it work even with seasoned perl. 
PR: 3130
 2013-10-03 10:42:11 +02:00
Andy Polyakov
a5bb5bca52 bn/asm/x86_64-mont*.pl: add MULX/ADCX/ADOX code path. 2013-10-03 00:45:04 +02:00
Andy Polyakov
87954638a6 rsaz-x86_64.pl: add MULX/ADCX/ADOX code path. 2013-10-03 00:30:12 +02:00
Andy Polyakov
667053a2f3 x86_64-xlate.pl: fix jrcxz in nasm case. 2013-10-03 00:26:09 +02:00
Andy Polyakov
7f893258f6 evp/e_aes_cbc_hmac_sha*.c: multi-block glue code. 2013-10-03 00:24:03 +02:00
Andy Polyakov
6bcb68da41 Configire: take multi-block modules into build loop. 2013-10-03 00:21:10 +02:00
Andy Polyakov
b783858654 x86_64 assembly pack: add multi-block AES-NI, SHA1 and SHA256. 2013-10-03 00:18:58 +02:00
Andy Polyakov
5f487e0317 evp/e_aes_cbc_hmac_sha256.c: enable is on all AES-NI platforms, not only on AVX. 2013-10-03 00:16:51 +02:00
Andy Polyakov
066caf0551 aes/asm/*-armv*.pl: compensate for inconsistencies in tool-chains. 
Suggested by: Ard Biesheuvel
 2013-10-01 20:33:06 +02:00
Ben Laurie
3cd8547a20 Mix time into the pool to avoid repetition of the Android duplicated PID problem. 2013-09-20 16:52:07 +01:00
Ben Laurie
79b9209883 More diagnostics for invalid OIDs. 2013-09-20 14:38:36 +01:00
Andy Polyakov
e0202d946d aes-armv4.pl, bsaes-armv7.pl: add Linux kernel and Thumb2 support. 
Submitted by: Ard Biesheuvel
 2013-09-20 13:22:57 +02:00
Dr. Stephen Henson
94c2f77a62 Add functions to set ECDSA_METHOD structure. 
Add various functions to allocate and set the fields of an ECDSA_METHOD
structure.
 2013-09-18 01:22:50 +01:00
Bodo Moeller
ca567a03ad Fix overly lenient comparisons: 
- EC_GROUP_cmp shouldn't consider curves equal just because
      the curve name is the same. (They really *should* be the same
      in this case, but there's an EC_GROUP_set_curve_name API,
      which could be misused.)

    - EC_POINT_cmp shouldn't return 0 for ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
      or EC_R_INCOMPATIBLE_OBJECTS errors because in a cmp API, 0 indicates
      equality (not an error).

    Reported by: king cope
 2013-09-16 12:59:21 +02:00
Andy Polyakov
8e52a9063a crypto/armcap.c: fix typo in rdtsc subroutine. 
PR: 3125
Submitted by: Kyle McMartin
 2013-09-15 22:07:49 +02:00
Andy Polyakov
612f4e2384 bsaes-armv7.pl: remove partial register operations in CTR subroutine. 2013-09-15 19:47:51 +02:00
Andy Polyakov
29f41e8a80 bsaes-armv7.pl: remove byte order dependency and minor optimization. 2013-09-15 19:44:43 +02:00