Commit graph

11659 commits

Author SHA1 Message Date
Adam Langley
96a4c31be3 Ensure that, when generating small primes, the result is actually of the
requested size. Fixes OpenSSL #2701.

This change does not address the cases of generating safe primes, or
where the |add| parameter is non-NULL.

Conflicts:
	crypto/bn/bn.h
	crypto/bn/bn_err.c
2013-06-04 18:52:30 +01:00
Adam Langley
2b0180c37f Ensure that x**0 mod 1 = 0. 2013-06-04 18:47:11 +01:00
Adam Langley
7753a3a684 Add volatile qualifications to two blocks of inline asm to stop GCC from
eliminating them as dead code.

Both volatile and "memory" are used because of some concern that the compiler
may still cache values across the asm block without it, and because this was
such a painful debugging session that I wanted to ensure that it's never
repeated.
2013-06-04 18:46:25 +01:00
Ben Laurie
5dcd2deb3e Remove added ;. 2013-06-04 17:27:18 +01:00
Ben Laurie
b25b8417a7 Missing prototypes. 2013-06-04 16:34:45 +01:00
Andy Polyakov
b69437e1e5 crypto/bn/bn_exp.c: SPARC portability fix. 2013-06-01 09:58:07 +02:00
Andy Polyakov
36df342f9b aesni-x86_64.pl: optimize XTS.
PR: 3042
2013-05-25 19:23:09 +02:00
Andy Polyakov
4df2280b4f aesni-sha1-x86_64.pl: Atom-specific optimization. 2013-05-25 19:08:39 +02:00
Andy Polyakov
504bbcf3cd sha512-x86_64.pl: +16% optimization for Atom.
(and pending AVX2 changes).
2013-05-25 19:02:57 +02:00
Andy Polyakov
988d11b641 vpaes-x86[_64].pl: minor Atom-specific optimization. 2013-05-25 18:57:03 +02:00
Andy Polyakov
8a97a33063 Add AES-SHA256 stitch. 2013-05-13 22:49:58 +02:00
Andy Polyakov
22de0e6583 x86_64-xlate.pl: minor size/performance improvement. 2013-05-13 16:06:25 +02:00
Andy Polyakov
cd54249c21 aesni-x86_64.pl: minor CTR performance improvement. 2013-05-13 15:49:03 +02:00
Ben Laurie
92584bd3d5 Tests pass! 2013-05-05 16:15:34 +01:00
Ben Laurie
342ec250c3 Ugly hack to avoid recompiling the same thing multiple times in parallel. 2013-05-05 15:06:33 +01:00
Dr. Stephen Henson
c6d8adb8a4 Reencode certificates in X509_sign_ctx.
Reencode certificates in X509_sign_ctx as well as X509_sign.

This was causing a problem in the x509 application when it modified an
existing certificate.
2013-05-02 12:19:40 +01:00
Andy Polyakov
9575d1a91a bsaes-armv7.pl: add bsaes_cbc_encrypt and bsaes_ctr32_encrypt_blocks.
Submitted by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

Contributor claims ~50% improvement in CTR and ~9% in CBC decrypt
on Cortex-A15.
2013-04-23 17:52:14 +02:00
Andy Polyakov
75fe422323 bsaes-armv7.pl: take it into build loop. 2013-04-23 17:49:54 +02:00
Dr. Stephen Henson
412834dcf0 Typo. 2013-04-14 01:19:07 +01:00
Andy Polyakov
db05b447a5 Fix Windows linking error in GOST test case. 2013-04-13 23:03:31 +02:00
Andy Polyakov
3bdd80521a crypto/modes/modes_lcl.h: let STRICT_ALIGNMENT be on ARMv7.
While ARMv7 in general is capable of unaligned access, not all instructions
actually are. And trouble is that compiler doesn't seem to differentiate
those capable and incapable of unaligned access. Side effect is that kernel
goes into endless loop retrying same instruction triggering unaligned trap.
Problem was observed in xts128.c and ccm128.c modules. It's possible to
resolve it by using (volatile u32*) casts, but letting STRICT_ALIGNMENT
be feels more appropriate.
2013-04-13 20:57:37 +02:00
Dr. Stephen Henson
4544f0a691 Suite B support for DTLS 1.2
Check for Suite B support using method flags instead of version numbers:
anything supporting TLS 1.2 cipher suites will also support Suite B.

Return an error if an attempt to use DTLS 1.0 is made in Suite B mode.
2013-04-09 16:49:13 +01:00
Dr. Stephen Henson
c56f5b8edf Always return errors in ssl3_get_client_hello
If we successfully match a cookie don't set return value to 2 as this
results in other error conditions returning 2 as well.

Instead set return value to -2 which can be checked later if everything
else is OK.
2013-04-09 15:59:47 +01:00
Dr. Stephen Henson
c6913eeb76 Dual DTLS version methods.
Add new methods DTLS_*_method() which support both DTLS 1.0 and DTLS 1.2 and
pick the highest version the peer supports during negotiation.

As with SSL/TLS options can change this behaviour specifically
SSL_OP_NO_DTLSv1 and SSL_OP_NO_DTLSv1_2.
2013-04-09 14:02:48 +01:00
Dr. Stephen Henson
04638f2fc3 Set s->d1 to NULL after freeing it. 2013-04-08 18:24:42 +01:00
Dr. Stephen Henson
045b2809f8 Asm build portability.
Don't use Win32 specific options in mk1mf.pl to build assembly language
files.
2013-04-08 14:53:54 +01:00
Ben Laurie
29d422e2a0 Make sure all tests are actually run, plus some fixups for things that
turn out to be made somewhere by existing Makefiles.
2013-04-07 16:52:54 +01:00
Ben Laurie
a7f5cd7fd5 Use original alltests target for definitive test list. 2013-04-06 20:42:38 +01:00
Ben Laurie
afdf366921 Missing semicolon. 2013-04-06 16:17:14 +01:00
Dr. Stephen Henson
fed45e1879 Fix non-copy builds.
Only use -MMD and .sinclude in copy builds: other platforms don't
support them.
2013-04-06 16:05:23 +01:00
Ben Laurie
d07201a2bb Missing file. 2013-04-06 15:25:43 +01:00
Ben Laurie
bc9e878210 Make executable. 2013-04-06 15:22:28 +01:00
Ben Laurie
9fc3ebda13 Helper scripts for one makefile build. 2013-04-06 15:17:30 +01:00
Ben Laurie
1a70fe953a Merge, go back to copy-if-different. 2013-04-06 15:15:11 +01:00
Ben Laurie
ea4507ee1c Fix test_ss. 2013-04-06 15:13:12 +01:00
Ben Laurie
4b9af0a101 Add new asm target. 2013-04-06 15:13:12 +01:00
Ben Laurie
e92ce4e35b Show start/end of tests. 2013-04-06 15:13:12 +01:00
Ben Laurie
3426b8ed3f Avoid collisions. 2013-04-06 15:13:12 +01:00
Ben Laurie
f5cd3db541 Make session ID test work. 2013-04-06 15:13:12 +01:00
Ben Laurie
15e5f592c1 Make S/MIME test work. 2013-04-06 15:13:11 +01:00
Ben Laurie
509a83dd36 Make RSA test work. 2013-04-06 15:13:11 +01:00
Ben Laurie
8c7f5f3bec Make PKCS#7 test work. 2013-04-06 15:13:11 +01:00
Ben Laurie
188f6443ae Make OCSP test work. 2013-04-06 15:13:11 +01:00
Ben Laurie
3675fb882c More progress towards working tests. 2013-04-06 15:13:11 +01:00
Ben Laurie
3b4d86bff5 Get closer to a working single Makefile with test support. 2013-04-06 15:11:11 +01:00
Ben Laurie
282a480a35 Fix warnings. 2013-04-06 15:08:44 +01:00
Dr. Stephen Henson
1e2d4cb0e1 Make TLS 1.2 ciphers work again.
Since s->method does not reflect the final client version when a client
hello is sent for SSLv23_client_method it can't be relied on to indicate
if TLS 1.2 ciphers should be used. So use the client version instead.
2013-04-04 18:21:58 +01:00
Andy Polyakov
99cda4376e cryptlib.c: fix typo in OPENSSL_showfatal. 2013-04-04 15:57:43 +02:00
Andy Polyakov
73325b221c aesni-x86_64.pl: optimize CBC decrypt.
Give CBC decrypt approximately same treatment as to CTR and collect 25%.
2013-04-04 15:56:23 +02:00
Andy Polyakov
a42abde699 e_aes.c: reserve for future extensions. 2013-04-04 15:55:49 +02:00