wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
10177 commits 20 branches 302 tags 153 MiB
Commit graph

10177 commits

This branch
This branch
All branches
Author SHA1 Message Date
Andy Polyakov
760d2551fb rc4-586.pl: 50% improvement on Core2 and 80% on Westmere. 2011-05-24 13:07:29 +00:00
Dr. Stephen Henson
73ab341130 PR: 2522 
Submitted by: Henrik Grindal Bakken <henribak@cisco.com>

Don't compare past end of buffer.
 2011-05-23 12:27:43 +00:00
Andy Polyakov
62f29eb1cf spacrv9cap.c: addenum to recent EC optimizations. 2011-05-23 08:14:32 +00:00
Andy Polyakov
f8501464cc aesni-x86[_64].pl: optimize for Sandy Bridge and add XTS mode. 2011-05-22 18:38:00 +00:00
Andy Polyakov
96abea332c x86_64-gf2m.pl: add Win64 SEH. 2011-05-22 18:29:11 +00:00
Andy Polyakov
2e75ed332f ppccap.c: addenum to recent EC optimizations. 2011-05-21 10:17:02 +00:00
Andy Polyakov
d8ea368c41 ec_cvt.c: ARM comparison results were wrong, clarify the background. 2011-05-21 08:40:18 +00:00
Andy Polyakov
fdf6dac859 ec_cvt.c: avoid EC_GFp_nist_method on platforms with bn_mul_mont [see 
commentary for details].
 2011-05-20 20:31:37 +00:00
Dr. Stephen Henson
f37f20ffd3 PR: 2295 
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com>
Reviewed by: steve

OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code
elimination.
 2011-05-20 14:56:29 +00:00
Dr. Stephen Henson
101e6e19f2 Add CHANGES entry: add FIPS support to ssl 2011-05-19 18:10:25 +00:00
Dr. Stephen Henson
086e32a6c7 Implement FIPS_mode and FIPS_mode_set 2011-05-19 18:09:02 +00:00
Dr. Stephen Henson
05b4fc6c22 oops 2011-05-19 17:55:15 +00:00
Dr. Stephen Henson
0fba7a8fa8 update date 2011-05-19 17:53:04 +00:00
Dr. Stephen Henson
92b4d936cb inherit HMAC flags from MD_CTX 2011-05-19 17:38:25 +00:00
Dr. Stephen Henson
4f7533eb84 set encodedPoint to NULL after freeing it 2011-05-19 16:17:47 +00:00
Andy Polyakov
fb2f3411ea aesni-x86_64.pl: make it compile on MacOS X. 2011-05-18 17:05:24 +00:00
Andy Polyakov
c30a2505e2 x86gas.pl: don't omit .comm OPENSSL_ia32cap_P on MacOS X. 2011-05-18 16:28:53 +00:00
Andy Polyakov
c7b903e01d x86_64-xlate.pl: add inter-register movq and make x86_64-gfm.s compile on 
Solaris, MacOS X, elderly gas...
 2011-05-18 16:26:03 +00:00
Andy Polyakov
ddc20d4da9 x86_64cpuid.pl: allow shared build to work without -Bsymbolic. 
PR: 2466
 2011-05-18 16:24:19 +00:00
Andy Polyakov
b50842036f e_padlock.c: make it compile on MacOS X. 2011-05-18 16:21:54 +00:00
Andy Polyakov
b906422149 x86[_64]cpuid.pl: handle new extensions. 2011-05-16 20:35:11 +00:00
Andy Polyakov
a3e07010b4 ppc-xlate.pl: get linux64 declaration right. 2011-05-16 19:52:41 +00:00
Andy Polyakov
9c437e2fad cms-test.pl: make it work with not-so-latest perl. 2011-05-16 18:11:45 +00:00
Andy Polyakov
2b9a8ca15b x86gas.pl: add palignr and move pclmulqdq. 2011-05-16 18:07:00 +00:00
Andy Polyakov
afebe623c5 x86_64 assembler pack: add x86_64-gf2m module. 2011-05-16 17:46:45 +00:00
Andy Polyakov
b5c6aab57e x86_64-xlate.pl: allow "base-less" effective address, add palignr, move 
pclmulqdq.
 2011-05-16 17:44:38 +00:00
Dr. Stephen Henson
b9b0a177f8 new flag to stop ENGINE methods being registered 2011-05-15 15:56:49 +00:00
Dr. Stephen Henson
9609ea869d NULL is a valid cspname 2011-05-15 11:44:14 +00:00
Dr. Stephen Henson
ff636340f5 Typo. 2011-05-13 12:43:41 +00:00
Dr. Stephen Henson
3ece592886 typo 2011-05-13 12:37:40 +00:00
Dr. Stephen Henson
a75829deef Recognise NO_NISTP224-64-GCC-128 2011-05-13 12:35:05 +00:00
Dr. Stephen Henson
d39c495130 Enter FIPS mode by calling FIPS_module_mode_set in openssl.c until 
FIPS_mode_set is implemented.
 2011-05-12 17:59:47 +00:00
Dr. Stephen Henson
855a54a9a5 Provisional support for TLS v1.2 client authentication: client side only. 
Parse certificate request message and set digests appropriately.

Generate new TLS v1.2 format certificate verify message.

Keep handshake caches around for longer as they are needed for client auth.
 2011-05-12 17:35:03 +00:00
Dr. Stephen Henson
8f82912460 Process signature algorithms during TLS v1.2 client authentication. 
Make sure message is long enough for signature algorithms.
 2011-05-12 14:38:01 +00:00
Dr. Stephen Henson
f76b1baf86 Fix error discrepancy. 2011-05-12 14:28:09 +00:00
Dr. Stephen Henson
b1d00b9611 Add SSL_INTERN definition. 2011-05-12 13:13:07 +00:00
Dr. Stephen Henson
c76e024dde Sync ordinals. 2011-05-11 23:04:10 +00:00
Dr. Stephen Henson
4f7a2ab8b1 make kerberos work with OPENSSL_NO_SSL_INTERN 2011-05-11 22:50:18 +00:00
Andy Polyakov
b0188c4f07 bn_nist.c: fix shadowing warnings. 2011-05-11 20:19:00 +00:00
Andy Polyakov
f24e95b72c fips_canister.c: pick more neutral macro name. 2011-05-11 20:17:06 +00:00
Dr. Stephen Henson
fc101f88b6 Reorder signature algorithms in strongest hash first order. 2011-05-11 16:33:28 +00:00
Dr. Stephen Henson
2f38b38986 Set FIPS mode for values other than 1. The only current effect 
is to return a consistent value. So calling FIPS_module_mode_set(n)
for n != 0 will result in FIPS_module_mode() returning n. This
will support future expansion of more FIPS modes e.g. a Suite B mode.
 2011-05-11 14:49:01 +00:00
Dr. Stephen Henson
c2fd598994 Rename FIPS_mode_set and FIPS_mode. Theses symbols will be defined in 
the FIPS capable OpenSSL.
 2011-05-11 14:43:38 +00:00
Dr. Stephen Henson
5024b79f5c Inlcude README.ECC in FIPS restricted tarball. 2011-05-11 12:52:51 +00:00
Dr. Stephen Henson
c5ee394b58 Add NSA sublicense info. 2011-05-11 12:50:57 +00:00
Dr. Stephen Henson
21a40da045 Update instructions. 2011-05-10 10:59:25 +00:00
Dr. Stephen Henson
7919c07947 Typo. 2011-05-10 10:57:03 +00:00
Andy Polyakov
ab67c517ae fips_canister.c: fix typo. 2011-05-10 10:03:23 +00:00
Andy Polyakov
31b46ebb62 fips_canister.c: initial support for cross-compiling. "Initial" refers 
to the two-entry list of verified platforms in #ifndef
FIPS_REF_POINT_IS_SAFE_TO_CROSS_COMPILE pre-processor section.
 2011-05-10 09:53:59 +00:00
Dr. Stephen Henson
dc7995eeb8 Initialise rc. 2011-05-09 21:21:29 +00:00