Commit graph

3751 commits

Author SHA1 Message Date
Dr. Stephen Henson
45e2738585 Remove ASN1_METHOD code replace with new ASN1 alternative. 2005-08-20 18:12:45 +00:00
Dr. Stephen Henson
b173acfc96 New version of ASN1 print code, still not compiled in though. 2005-08-20 00:08:29 +00:00
Andy Polyakov
ff82bf3b07 Pedantic polish to WCE-specific #if clause in ectest.c 2005-08-11 08:42:46 +00:00
Andy Polyakov
7cfe2a5e65 Fix Intel assembler warnings. 2005-08-10 08:28:36 +00:00
Andy Polyakov
0491e05833 Final(?) WinCE update. 2005-08-07 22:21:49 +00:00
Nils Larsch
9a1a5b8785 avoid infinite recursion if dynamic engine isn't loaded
Submitted by: Jonathon Green <jonathon_au@yahoo.com>
2005-08-06 10:46:19 +00:00
Nils Larsch
53b38d37a9 fix potential memory leak + improved error checking
PR: 1182
2005-08-05 09:42:45 +00:00
Dr. Stephen Henson
8f2e4fdf86 Allow PKCS7_decrypt() to work if no cert supplied. 2005-08-04 22:15:22 +00:00
Andy Polyakov
11de71b04c 3-4 times better RSA/DSA performance on WIN64A target. Well, on AMD64 CPU,
EMT64T will hardly exhibit better performance...
2005-08-04 17:35:42 +00:00
Andy Polyakov
19bd66fe74 WCE update, mostly typos. 2005-08-03 19:56:36 +00:00
Andy Polyakov
45771abbd6 PIC-ify SPARC assembler in alternative manner to eliminate dependency on
OPENSSL_PIC macro.
2005-08-03 10:42:21 +00:00
Andy Polyakov
573969cd53 Abstain from GUI calls in rand_win.c in NT service context. 2005-08-02 22:09:14 +00:00
Andy Polyakov
2031eca588 WCE-specific fix for cryptlib.c. 2005-08-02 22:07:28 +00:00
Andy Polyakov
8a35fb3bea Eliminate bogus #if WCEPLATFORM!=MS_HPC_PRO [which by the way unconditionally
invalidated the whole clause] and replace it with #if _WIN32_WCE>=210.
2005-08-02 11:58:39 +00:00
Andy Polyakov
b37fb16dcb Implement complementary LoadLibraryA shim under WCE. 2005-08-02 10:55:43 +00:00
Andy Polyakov
b2be099d16 Fix #if _MSC_VER clause in aes_locl.h 2005-07-30 19:42:50 +00:00
Nils Larsch
28d8362934 add comment 2005-07-29 19:46:42 +00:00
Nils Larsch
01039d0bff remove unused variable 2005-07-27 20:20:53 +00:00
Nils Larsch
c755c5fd8b improved error checking and some fixes
PR: 1170
Submitted by: Yair Elharrar
Reviewed and edited by: Nils Larsch
2005-07-26 21:10:34 +00:00
Dr. Stephen Henson
5c8e9139d1 Handle case where it==NULL 2005-07-26 12:25:06 +00:00
Dr. Stephen Henson
56defd9a98 Update ASN1 printing code. Highly experimental, not working properly (neither
did the old code) and not compiled in yet...
2005-07-26 11:46:23 +00:00
Dr. Stephen Henson
8eb7217580 Add declaration for IDP ASN1 functions. 2005-07-26 11:43:11 +00:00
Geoff Thorpe
1385ddbb14 add a .cvsignore 2005-07-26 04:50:36 +00:00
Geoff Thorpe
209b12814f Fix compilation when HAVE_LONG_LONG isn't defined. 2005-07-26 04:43:31 +00:00
Geoff Thorpe
f920c5b590 Fix signed/unsigned warnings. 2005-07-26 04:25:05 +00:00
Nils Larsch
0260405c68 fix BN_mod_word and give a more reasonable return value if an error occurred 2005-07-25 22:57:54 +00:00
Dr. Stephen Henson
0537f9689c Add support for setting IDP too. 2005-07-25 22:35:36 +00:00
Dr. Stephen Henson
0c010a1517 Don't use @syntax for extended CRLDP format. 2005-07-25 18:55:40 +00:00
Dr. Stephen Henson
0745d0892d Allow setting of all fields in CRLDP. Few cosmetic changes to output. 2005-07-25 18:42:29 +00:00
Dr. Stephen Henson
5e64f8c44c Typo which prevents mult valued RDNs being created. 2005-07-25 18:39:44 +00:00
Andy Polyakov
4a5b8a5bee Commentary section update in sha512-x86_64.pl. 2005-07-25 13:29:42 +00:00
Andy Polyakov
0a882b6394 Eliminate gcc warning in dso_win32.c. 2005-07-24 21:45:08 +00:00
Andy Polyakov
612a91110f Engage SHA-256/-512 x86_64 assembler module. 2005-07-24 12:30:26 +00:00
Andy Polyakov
2337eb5823 SHA-256/-512 x86_64 assembler module. 2005-07-24 12:28:04 +00:00
Dr. Stephen Henson
9aa9d70ddb Print out previously unsupported fields in CRLDP by i2r instead of i2v.
Cosmetic changes to IDP printout.
2005-07-24 00:23:57 +00:00
Dr. Stephen Henson
231493c93c Initial print only support for IDP CRL extension. 2005-07-23 23:33:06 +00:00
Geoff Thorpe
20a90e3a76 Fix some signed/unsigned warnings. 2005-07-22 03:36:30 +00:00
Nils Larsch
17a2994dbd set correct bn->top value 2005-07-21 22:40:39 +00:00
Nils Larsch
b554eef43b the final byte of a pkcs7 padded plaintext can never be 0
Submitted by: K S Sreeram <sreeram@tachyontech.net>
2005-07-20 22:03:36 +00:00
Andy Polyakov
0066590f98 Pedantic polish to aes-ia64 and sha512-ia64. 2005-07-20 15:15:22 +00:00
Andy Polyakov
165a28abae Pedantic polish to md5-ia64.S. 2005-07-20 12:24:04 +00:00
Andy Polyakov
2802ec65c2 Pedantic polish to rc4-ia64.pl. 2005-07-20 11:47:47 +00:00
Andy Polyakov
b3f56e8b38 Typo in version number. 2005-07-20 11:11:14 +00:00
Andy Polyakov
5826e4f481 Perl stylistic/cosmetic update for aes-x86_64.pl. 2005-07-20 11:09:02 +00:00
Andy Polyakov
66ee67be03 Fix bug [SHA1 IA-64 being disabled] introduced with Stratus VOS update.
PR: 1130
2005-07-19 23:04:57 +00:00
Andy Polyakov
a7ad2afa5e Engage MD5 assembler module. 2005-07-19 22:37:57 +00:00
Andy Polyakov
0f04379d9c This update gets endianness-neutrality right and adds second required
entry point, md5_block_asm_data_order.
2005-07-19 22:33:03 +00:00
Andy Polyakov
7e4d335943 MD5 IA-64 assembler implementation. Original copy for reference purposes.
Submitted by: David Mosberger

Obtained from: http://www.hpl.hp.com/research/linux/crypto/
2005-07-19 22:27:02 +00:00
Andy Polyakov
26c07054a1 Retire original rc4-ia64.S. 2005-07-18 18:59:21 +00:00
Andy Polyakov
843d9d0b39 Switch to new RC4 IA-64 module. 2005-07-18 18:56:16 +00:00
Andy Polyakov
4ac210c16a This update implements following improvements.
1. Original submission required minor modification to RC4_set_key, which
   we don't want to tolerate and therefore we fix assembler instead.
2. Eliminate remaining byte-order dependence [look for RC4_BIG_ENDIAN].
3. Eliminate logical error [when key->x is referred prior key is verified].
4. HP-UX assembler puked on MODSCHED_RC4 macro with "syntax error,"
   macro has to be splitted in two.
5. Deploy parallel compare in function prologue.
6. Eliminate redundant instuctions and nops.
7. Eliminate assembler warnings.
2005-07-18 17:11:13 +00:00
Andy Polyakov
02703c74a4 Unrolled RC4 IA-64 loop gives 40% improvement over current assembler
implementation [as predicted].

Submitted by: David Mosberger

Obtained from: http://www.hpl.hp.com/research/linux/crypto/
2005-07-18 16:55:52 +00:00
Andy Polyakov
ef428d5681 Fix unwind directives in IA-64 assembler modules. This helps symbolic
debugging and doesn't affect functionality.

Submitted by: David Mosberger

Obtained from: http://www.hpl.hp.com/research/linux/crypto/
2005-07-18 09:54:14 +00:00
Andy Polyakov
afbe674edb ~15% better AES x86_64 assembler. 2005-07-18 09:15:04 +00:00
Nils Larsch
f42e6d24f2 fix typo 2005-07-17 21:04:19 +00:00
Nils Larsch
449bd384ed bugfix: 0 - w (w != 0) is actually negative 2005-07-17 16:09:09 +00:00
Nils Larsch
3eeaab4bed make
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
    	make depend all test
work again

PR: 1159
2005-07-16 12:37:36 +00:00
Andy Polyakov
b4f5e5c959 Commentary section update. 2005-07-14 13:16:31 +00:00
Andy Polyakov
e84b663a93 complementary x86_64-xlate.pl update. 2005-07-12 22:11:22 +00:00
Andy Polyakov
d85185217b AES x86_64 assembler implementation. 2005-07-12 15:44:58 +00:00
Andy Polyakov
8f3bdc72d0 Latest Intel compiler means every word in "if copying [with memcpy] takes
place between objects that overlap, the behavior is undefined." It's hard
to comprehend, but it reportedly manages to be case.
2005-07-08 16:46:22 +00:00
Richard Levitte
7d368fcbd8 On case insensitive systems, 'install' gets mixed up with the existing file
'INSTALL', so we need to put some force into installing
2005-07-08 10:13:22 +00:00
Andy Polyakov
1875e6db29 Pull up Win64 support from 0.9.8. 2005-07-05 11:44:45 +00:00
Andy Polyakov
109080ae48 Fix bugs in bug-fix to x509/by_dir.c.
PR: 1131
2005-07-03 13:10:45 +00:00
Andy Polyakov
31efffbdba Trap condition should be 64-bit when it's due. 2005-07-03 09:17:50 +00:00
Andy Polyakov
aaa5dc614f More elegant solution to "sparse decimal printout on PPC" problem. 2005-07-02 08:58:55 +00:00
Andy Polyakov
8be97c01d1 Decimal printout of a BN is wrong on PPC, it's sparse with very few
significant digits. As soon it verifies elsewhere it goes to 0.9.8 and
0.9.7.
2005-07-01 17:49:47 +00:00
Andy Polyakov
4e28f13209 Pedantic polish to aes-586.pl:-) 2005-07-01 10:13:30 +00:00
Andy Polyakov
53a20bfd94 Typos in commentary section. 2005-06-30 22:09:03 +00:00
Andy Polyakov
a28062338c AES_cbc_encrypt to allow end-user to retain small blocks performance by
aligning the key schedule in a specific manner.
2005-06-30 22:06:35 +00:00
Dr. Stephen Henson
1c2f1fe505 Check PKCS7 structures in PKCS#12 files are of type data. 2005-06-30 11:34:58 +00:00
Richard Levitte
14365bd820 Actually, the 64bit format specifier differs between SIXTY_FOUR_BIT and
SIXTY_FOUR_BIT_LONG
2005-06-29 18:48:08 +00:00
Ben Laurie
a51a97262d Brought forward from 0.9.8 - 64 bit warning fixes and fussy compiler fixes. 2005-06-29 11:02:15 +00:00
Ben Laurie
45d8574b93 Fix warnings. 2005-06-29 10:25:06 +00:00
Nils Larsch
b3b72cd92c remove OPENSSL_NO_ASM dependency 2005-06-28 15:05:02 +00:00
Andy Polyakov
bb00084863 Replace _int64 with __int64, which is more widely accepted among Win32
compiler vendors.
2005-06-28 11:50:50 +00:00
Andy Polyakov
db22e5faa6 A report suggests that there're nasm version, which defaults to 16-bit
segmenting...
2005-06-28 11:28:43 +00:00
Andy Polyakov
83e68987b3 Eliminate dependency on UNICODE macro. 2005-06-27 21:27:23 +00:00
Andy Polyakov
a4022932ee Omit padding in RC4_KEY on IA-64. The idea behind padding was to reserve
room for aligning of the key schedule itself [specific alignment is
required for future performance improvements], but OpenSSH "abuses"
our API by making copies and restoring RC4_KEY, thus ruining the
alignment and making it impossible to recover the key schedule.
PR: 1114
2005-06-26 16:09:29 +00:00
Andy Polyakov
c49a0aa08d Replace emms with finit in x86cpuid. 2005-06-24 16:32:10 +00:00
Richard Levitte
97b708910a Wrap the inclusion of openssl/engine.h with a protective check for
the absence of OPENSSL_NO_ENGINE.
2005-06-23 22:08:47 +00:00
Richard Levitte
2f6ebed1dc Wrap the inclusion of openssl/engine.h with a protective check for
the absence of OPENSSL_NO_ENGINE.

PR: 1123
2005-06-23 21:57:40 +00:00
Richard Levitte
156f657209 Do not defined des_crypt(), since it clashes with Solaris crypt.h.
PR: 1125
2005-06-23 21:53:56 +00:00
Richard Levitte
816f74d1c7 Initialise dir to avoid a compiler warning. 2005-06-23 21:49:21 +00:00
Richard Levitte
1110cea007 Update for Stratus VOS.
PR: 1130
2005-06-23 21:27:21 +00:00
Richard Levitte
0e441bc2be Change dir_ctrl to check for the environment variable before using the default
directory instead of the other way around.

PR: 1131
2005-06-23 21:14:15 +00:00
Andy Polyakov
c25f2f1cbf Missed -c in IRIX rules. 2005-06-23 20:37:29 +00:00
Andy Polyakov
62526671e9 Typo in bn-mips3 rule. 2005-06-23 16:24:51 +00:00
Andy Polyakov
88ebf53577 Rename mips3.o to bn-mips3.o [it's better in long run] and adjust the
rule to accomodate gcc4, which no longer support SGI as.
2005-06-23 16:23:06 +00:00
Andy Polyakov
02c31fa461 Jumbo Makfiles update.
- eliminate ambiguities between GNU-ish and SysV-ish make flavors;
- switch [back] to -e;
- fold/unify rules;

This is follow-up to the patch introducing common BUILDENV. Idea is
to collect as much parameters in $(TOP) as possible and "strip" lower
Makefiles for most variables [and thus makes them more readable].
2005-06-23 00:03:26 +00:00
Dr. Stephen Henson
f5d51a9362 Fix extension ordering. 2005-06-22 13:26:23 +00:00
Richard Levitte
0fc6b2c9e2 Do no try to pretend we're at the end of anything unless we're at the end
of a 4-character block.
2005-06-20 22:11:14 +00:00
Andy Polyakov
e442c36252 Solaris x86_64 /usr/ccs/bin/as support. 2005-06-20 14:56:48 +00:00
Richard Levitte
4bd46774bb Move the definition of DEVRANDOM for DJGPP from Configure to e_os.h.
That should solve the issues with propagating it through the Makefiles.

PR: 1110
2005-06-18 04:42:24 +00:00
Richard Levitte
283c3e2437 Only define ZLIB_SHARED if it hasn't already been defined (on the command
line, for example).

PR: 1112
2005-06-18 04:32:12 +00:00
Richard Levitte
b764ab9537 Netware patch submitted by Verdon Walker" <VWalker@novell.com> in PR
1107.  He says:

This is a followup to the NetWare patch that was applied to beta3.  It
does the following:

- Fixes a problem in the CLib build with undefined symbols.

- Adds the ability to use BSD sockets as the default for the OpenSSL
  socket BIO.  NetWare supports 2 flavors of sockets and our Apache
  developers need BSD sockets as a configurable option when building
  OpenSSL.  This adds that for them.

- Updates to the INSTALL.NW file to explain new options.

I have tried very hard to make sure all the changes are in NetWare
specific files or guarded carefully to make sure they only impact
NetWare builds.  I have tested the Windows build to make sure it does
not break that since we have made changes to mk1mf.pl.

We are still working the gcc cross compile for NetWare issue and hope
to have a patch for that before beta 6 is released.
2005-06-13 03:23:50 +00:00
Andy Polyakov
21ac2b964b Eliminate gcc -pedantic warnings. 2005-06-09 21:41:44 +00:00
Andy Polyakov
79e1dd65ab Allow for dso load by explicit path on HP-UX. 2005-06-09 20:52:24 +00:00
Richard Levitte
13e393607b When the return type of the function is int, it's better to return an
in than NULL, especially when an error is signalled with a negative
value.
2005-06-09 17:28:53 +00:00
Andy Polyakov
dffdb56b7f "Liberate" dtls from BN dependency. Fix bug in replay/update. 2005-06-07 22:21:14 +00:00
Dr. Stephen Henson
a78c0632ed Fix for padding X9.31 padding check and zero padding bytes. 2005-06-06 22:39:43 +00:00
Andy Polyakov
8fa6a40be2 Allow BIO_s_file to open and sequentially access files larger than 2GB on
affected platforms.
PR: 973
2005-06-06 11:58:31 +00:00
Richard Levitte
3ecbd099eb _GNU_SOURCE needs to be defined before any standard header. 2005-06-06 00:50:52 +00:00
Richard Levitte
d1acb9b44f Further change pq_compat.h to generate the flag macros PQ_64BIT_IS_INTEGER
and PQ_64BIT_IS_BIGNUM with the values 0 (for false) and 1 (for true),
depending on which is true.  Use those flags everywhere else to provide
the correct implementation for handling certain operations in q PQ_64BIT.
2005-06-06 00:32:11 +00:00
Richard Levitte
51054a1b39 Change pq_compat.h to trust the macros defined by bn.h a bit more, and thereby
provide better generic support for environments that do not have 64-bit
integers.  Among others, this should solve PR 1086
2005-06-05 22:42:58 +00:00
Richard Levitte
0b0a60d861 Old typo...
PR: 1097
2005-06-05 21:54:48 +00:00
Andy Polyakov
7ed876533a New function, DSO_pathbyaddr, to find pathname for loaded shared object
by an address within it. Tested on Linux, Solaris, IRIX, Tru64, Darwin,
HP-UX, Win32, few BSD flavors...
2005-06-05 18:13:38 +00:00
Andy Polyakov
c7aaf3918d Fix inconsistensy between 8 and HEAD. 2005-06-02 18:28:27 +00:00
Andy Polyakov
d51204f1b1 PSS update [from 0.9.7]. 2005-06-02 18:25:36 +00:00
Nils Larsch
b3f6325988 check return value 2005-06-01 22:35:01 +00:00
Dr. Stephen Henson
3129acbd83 Update from 0.9.7-stable. 2005-06-01 22:14:04 +00:00
Richard Levitte
12f89d32b5 Synchronise yet a little more with the Unixly build 2005-06-01 16:24:15 +00:00
Nils Larsch
88737991d2 fix assertion 2005-05-31 20:39:16 +00:00
Nils Larsch
63d740752f changes from 0.9.8 2005-05-31 18:22:53 +00:00
Andy Polyakov
165fca51e0 "Show" more respect to no-sha* config options.
PR: 1086
2005-05-31 16:36:27 +00:00
Andy Polyakov
20a85e9f69 Missing sparcv8.o rule.
PR: 1082
2005-05-31 12:17:35 +00:00
Andy Polyakov
f8bc3e1bd8 Platform update from 8-stable. 2005-05-31 11:07:27 +00:00
Richard Levitte
b29228836a DJGPP changes. Contributed by Doug Kaufman <dkaufman@rahul.net> 2005-05-30 22:37:44 +00:00
Richard Levitte
188b05792f pqueue and dtls uses 64-bit values. Unfortunately, OpenSSL doesn't
have a uniform representation for those over all architectures, so a
little bit of hackery is needed.

Contributed by nagendra modadugu <nagendra@cs.stanford.edu>
2005-05-30 22:34:37 +00:00
Richard Levitte
575901e537 Synchronise with Unixly build 2005-05-30 22:26:30 +00:00
Dr. Stephen Henson
ffd1df0579 Update from stable branch. 2005-05-30 00:29:16 +00:00
Richard Levitte
80b168a5a9 We have some source with \r\n as line ends. DEC C informs about that,
and I really can't be bothered...
2005-05-29 12:13:51 +00:00
Richard Levitte
9426364be9 Typo 2005-05-29 12:11:50 +00:00
Dr. Stephen Henson
429168e7ee Add pss/x931 files. 2005-05-28 20:44:37 +00:00
Dr. Stephen Henson
499fca2db3 Update from 0.9.7-stable. Also repatch and rebuild error codes. 2005-05-28 20:44:02 +00:00
Bodo Möller
a28a5d9c62 Use BN_with_flags() in a cleaner way. 2005-05-27 15:38:53 +00:00
Dr. Stephen Henson
3f791ca818 Assing check_{cert,crl}_time to 'ok' variable so it returns errors on
expiry.
2005-05-27 13:19:25 +00:00
Bodo Möller
0ebfcc8f92 make sure DSA signing exponentiations really are constant-time 2005-05-26 04:40:52 +00:00
Bodo Möller
c61f571ce0 check BN_copy() return value 2005-05-26 04:30:49 +00:00
Richard Levitte
85991994df It seems like mkdef.pl couldn't quite understand that #ifdef OPENSSL_NO_SHA512
was still active when it came down to the functions.  mkdef.pl should really
be corrected, but that'll be another day...
2005-05-24 03:39:08 +00:00
Richard Levitte
b172dec864 DEC C complains about bad subscript, but we know better, so let's shut it up. 2005-05-24 03:22:53 +00:00
Andy Polyakov
61391e2314 Be more consistent with OPENSSL_NO_SHA256. 2005-05-22 10:27:59 +00:00
Andy Polyakov
4b23506594 OPENSSL_NO_SHA512 to mask even SHA512_CTX declaration. This is done to
make no-sha512 more effective on platforms, which don't support 64-bit
integer type of *any* kind.
2005-05-22 08:55:15 +00:00
Andy Polyakov
82d3dda8a1 Still SEGV trouble in .init segment under Solaris x86... 2005-05-21 17:49:10 +00:00
Richard Levitte
fe8bf9560d When _XOPEN_SOURCE is defined, make sure it's defined to 500. Required in
http://www.opengroup.org/onlinepubs/007908799/xsh/compilation.html.

Notified by David Wolfe <dwolfe5272@yahoo.com>
2005-05-21 17:39:43 +00:00
Ben Laurie
fe977f7512 Propagate BUILDENV into subdirectories. 2005-05-21 16:13:36 +00:00
Andy Polyakov
e476f94212 Move _WIN32_WINNT definition from command line to e_os.h. The change is
inspired by VC6 failure report. In addition abstain from taking screen
snapshots when running in NT service context.
2005-05-21 13:19:27 +00:00
Nils Larsch
bbbd67108f fix typo, add prototype 2005-05-20 22:55:10 +00:00
Nils Larsch
7f246621b5 fix potential memory leak
Submitted by: Goetz Babin-Ebell
2005-05-19 22:10:40 +00:00
Nils Larsch
3f4657d131 fix "dereferencing type-punned pointer will break strict-aliasing rules"
warning when using gcc 4.0
2005-05-19 12:01:51 +00:00
Nils Larsch
67ffa18cce make the type parameter const when ID2_OF_const() is used 2005-05-18 22:30:38 +00:00
Andy Polyakov
c50226594d Don't emit SSE2 instructions unless were asked to.
PR: 1073
2005-05-18 08:42:08 +00:00
Andy Polyakov
51ff6bde38 Engage Applink in mingw. Note that application-side module is not
compiled into *our* aplpications. That's because mingw is always
consistent with itself. Having library-side code linked into .dll
makes it possible to deploy the .dll with user-code compiled with
another compiler [which is pretty much the whole point behind Applink].
2005-05-18 08:16:46 +00:00
Richard Levitte
c800a070b5 I just branched 0.9.8, so HEAD needs to be bumped to 0.9.9-dev.
The 0.9.8 branch is called OpenSSL_0_9_8-stable.
2005-05-18 03:58:34 +00:00
Andy Polyakov
53d8996764 Engage Applink for VC builds. 2005-05-17 16:50:46 +00:00
Nils Larsch
8712009778 simplify EC_KEY_dup 2005-05-17 12:23:16 +00:00
Bodo Möller
f468e3824a fix memory leak (BIO_free_all needs pointer to first BIO)
PR: 1070
2005-05-17 05:52:24 +00:00
Andy Polyakov
ea1b02db6a OPENSSL_Applink update. 2005-05-17 00:08:28 +00:00
Andy Polyakov
25a66ee3cb Move cryptlib.h prior bio.h. Actually it makes sense to include cryptlib.h
first everywhere in crypto and skip stdio.h and string.h [because it
includes them].
2005-05-17 00:01:48 +00:00
Andy Polyakov
ce92b6eb9c Further BUILDENV refinement, further fool-proofing of Makefiles and
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
2005-05-16 16:55:47 +00:00
Andy Polyakov
7abbffc3fb Further BUILDENV clean-up, 'make depend' is operational again. 2005-05-16 14:24:45 +00:00
Nils Larsch
9dd8405341 ecc api cleanup; summary:
- hide the EC_KEY structure definition in ec_lcl.c + add
  some functions to use/access the EC_KEY fields
- change the way how method specific data (ecdsa/ecdh) is
  attached to a EC_KEY
- add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
  additional parameters for pre-computed values
- rebuild libeay.num from 0.9.7
2005-05-16 10:11:04 +00:00
Bodo Möller
46a643763d Implement fixed-window exponentiation to mitigate hyper-threading
timing attacks.

BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for
RSA/DSA/DH private key computations unless
RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/
DH_FLAG_NO_EXP_CONSTTIME is set.

Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
2005-05-16 01:43:31 +00:00
Bodo Möller
10cde5010d make update 2005-05-16 00:27:37 +00:00
Andy Polyakov
734540f887 Consolidate BUILDENV [idea is to keep all variables in one place]. 2005-05-15 23:53:34 +00:00
Andy Polyakov
804515425a +20% performance improvement of P4-specific RC4_CHAR loop. 2005-05-15 22:43:00 +00:00
Andy Polyakov
81a86fcf17 Fool-proofing Makefiles 2005-05-15 22:23:26 +00:00
Dr. Stephen Henson
b6995add5c Make -CSP option work again in pkcs12 utility by checking for
attribute in EVP_PKEY structure.
2005-05-15 00:54:45 +00:00
Dr. Stephen Henson
8ccd06c66c openssl_fcast should always be defined, not just with DEBUG_SAFESTACK 2005-05-14 12:58:20 +00:00
Dr. Stephen Henson
fe86616c72 Some C compilers produce warnings or compilation errors if an attempt
is made to directly cast a function of one type to what it considers and
incompatible type. In particular gcc 3.4.2.

Add new openssl_fcast macro to place functions into a form where the compiler
will allow them to be cast.

The current version achives this by casting to: void function(void).
2005-05-12 23:01:44 +00:00
Dr. Stephen Henson
ba2ba27008 Avoid warnings. 2005-05-12 22:40:19 +00:00
Dr. Stephen Henson
c596c795bf Typo. 2005-05-12 17:28:53 +00:00
Ben Laurie
4b26fe30de There must be an explicit way to build the .o! 2005-05-11 16:39:05 +00:00
Bodo Möller
8afca8d9c6 Fix more error codes.
(Also improve util/ck_errf.pl script, and occasionally
fix source code formatting.)
2005-05-11 03:45:39 +00:00
Nils Larsch
8b15c74018 give EC_GROUP_new_by_nid a more meanigful name:
EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name
2005-05-10 11:37:47 +00:00
Andy Polyakov
e19e549041 Comply with optimization manual (no data should share cache-line with code). 2005-05-09 21:48:01 +00:00
Andy Polyakov
d7561ac576 Allow for 64-bit cache-line alignments in code segment. 2005-05-09 21:27:40 +00:00
Bodo Möller
fbeaa3c47d Update util/ck_errf.pl script, and have it run automatically
during "make errors" and thus during "make update".

Fix lots of bugs that util/ck_errf.pl can detect automatically.
Various others of these are still left to fix; that's why
"make update" will complain loudly when run now.
2005-05-09 00:27:37 +00:00
Bodo Möller
b0ac0a8ef8 improve comment readability 2005-05-09 00:06:54 +00:00
Nils Larsch
7dc17a6cf0 give EC_GROUP_*_nid functions a more meaningful name
EC_GROUP_get_nid -> EC_GROUP_get_curve_name
	EC_GROUP_set_nid -> EC_GROUP_set_curve_name
2005-05-08 22:09:12 +00:00
Andy Polyakov
b6223d2f70 Eliminate "statement with no effect" warning when OPENSSL_assert macro
is used with constant assertion.
2005-05-08 19:54:33 +00:00
Andy Polyakov
5d0d60e2f5 x86_64 assembler translator update. 2005-05-07 08:13:51 +00:00
Andy Polyakov
57ee007035 Fix constants.
PR: 1059
2005-05-07 08:11:50 +00:00
Richard Levitte
82e8cb403a Since BN_LLONG will only be defined for Alpha/VMS and not VAX/VMS,
there's no need to undefine it here.  Then, let's get a bit paranoid
and not define BN_ULLONG on THIRTY_TWO_BIT machines when BN_LLONG
isn't defined.
2005-05-06 13:34:35 +00:00
Nils Larsch
2c288b2a7e fix compiler warning; pow10 is also in math.h 2005-05-05 20:57:37 +00:00
Andy Polyakov
0ee883650d Commentary update motivating code update in 0.9.7. 2005-05-04 14:51:38 +00:00
Andy Polyakov
70cf309517 x86_64 assembler translator update. 2005-05-04 08:42:47 +00:00
Andy Polyakov
8b5bf52ac2 Cvs missed adapted module itself, here it goes... 2005-05-03 23:03:31 +00:00
Andy Polyakov
73a9485081 Engage md5-x86_64 assembler module. 2005-05-03 22:59:17 +00:00
Andy Polyakov
d37a65bc81 Throw in md5-x86_64 assembler. 2005-05-03 22:56:15 +00:00
Andy Polyakov
34c7ff6dc9 Cygwin doesn't expose Win32 [not "officially"]. 2005-05-03 21:20:17 +00:00
Andy Polyakov
647907918d Commentary update. 2005-05-03 21:16:42 +00:00
Andy Polyakov
cee73df3bd Cpuid modules updates. 2005-05-03 21:05:06 +00:00
Nils Larsch
f15c448a72 remove BN_ncopy, it was only used in bn_nist.c and wasn't particular
useful anyway
2005-05-03 20:27:00 +00:00
Nils Larsch
fcb41c0ee8 rewrite of bn_nist.c, disable support for some curves on 64 bit platforms
for now (it was broken anyway)
2005-05-03 20:23:33 +00:00
Andy Polyakov
5f1841cdca Rename amd64 modules to x86_64 and update RC4 implementation. 2005-05-03 15:42:05 +00:00
Andy Polyakov
4b45051902 x86_64 assembler translator update. 2005-05-03 15:35:14 +00:00
Dr. Stephen Henson
05338b58ce Support for smime-type MIME parameter. 2005-05-01 12:46:57 +00:00
Andy Polyakov
405d9761a5 Allow for ./config no-sha0 [from stable]. 2005-04-30 21:51:41 +00:00
Dr. Stephen Henson
98a2fd32a0 Typo. 2005-04-30 18:07:30 +00:00
Dr. Stephen Henson
7bdeeb64ac Don't attempt to parse nested ASN1 strings by default. 2005-04-30 18:02:54 +00:00
Dr. Stephen Henson
e1cc0671ac Use more efficient way to locate end of an ASN1 structure. 2005-04-30 13:06:45 +00:00
Nils Larsch
c1a8a5de13 don't let BN_CTX_free(NULL) segfault 2005-04-29 21:20:31 +00:00
Nils Larsch
6a50d0a422 hide the definition of ECDSA_METHOD and ECDSA_DATA (and mutatis mutandis
for ecdh)
2005-04-29 15:56:06 +00:00
Nils Larsch
1897c89302 avoid warnings when building on systems where sizeof(void *) > sizeof(int) 2005-04-29 14:26:59 +00:00
Andy Polyakov
3cc54008eb Pointer to BN_MONT_CTX could be used uninitialized. 2005-04-28 08:49:01 +00:00
Richard Levitte
ff8bcccdd4 Synchronise with Unix build system. 2005-04-28 04:55:28 +00:00
Dr. Stephen Henson
a93b01be57 Increase offset for BIO_f_enc() to avoid problems with overlapping buffers
when decrypting data.
2005-04-28 00:21:29 +00:00
Dr. Stephen Henson
6c61726b2a Lots of Win32 fixes for DTLS.
1. "unsigned long long" isn't portable changed: to BN_ULLONG.
2. The LL prefix isn't allowed in VC++ but it isn't needed where it is used.
2. Avoid lots of compiler warnings about signed/unsigned mismatches.
3. Include new library directory pqueue in mk1mf build system.
4. Update symbols.
2005-04-27 16:27:14 +00:00
Nils Larsch
df9e0bf507 add missing parentheses 2005-04-27 07:57:50 +00:00
Dr. Stephen Henson
879b19801a Change method_mont_p from (char *) to (BN_MONT_CTX *) and remove several
casts.
2005-04-27 00:04:59 +00:00
Dr. Stephen Henson
6ec8e63af6 Port BN_MONT_CTX_set_locked() from stable branch.
The function rsa_eay_mont_helper() has been removed because it is no longer
needed after this change.
2005-04-26 23:58:54 +00:00
Dr. Stephen Henson
465b9f6b26 Stop unused variable warning. 2005-04-26 23:45:49 +00:00
Dr. Stephen Henson
2deadf1672 Port from stable branch. 2005-04-26 23:21:49 +00:00
Nils Larsch
800e400de5 some updates for the blinding code; summary:
- possibility of re-creation of the blinding parameters after a
  fixed number of uses (suggested by Bodo)
- calculatition of the rsa::e in case it's absent and p and q
  are present (see bug report #785)
- improve the performance when if one rsa structure is shared by
  more than a thread (see bug report #555)
- fix the problem described in bug report #827
- hide the definition ot the BN_BLINDING structure in bn_blind.c
2005-04-26 22:31:48 +00:00
Dr. Stephen Henson
667aef4c6a Port from stable branch. 2005-04-26 22:07:17 +00:00
Bodo Möller
aa4ce7315f Fix various incorrect error function codes.
("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.)
2005-04-26 18:53:22 +00:00
Bodo Möller
0d5ea7613e make update 2005-04-26 18:09:21 +00:00
Ben Laurie
36d16f8ee0 Add DTLS support. 2005-04-26 16:02:40 +00:00
Bodo Möller
2e7245f5a3 Use OPENSSL_NO_CAST, not OPENSSL_NO_CAST5 in e_old.c
PR: 959
2005-04-25 23:09:00 +00:00
Andy Polyakov
3d5fd31280 Avoid L1 cache aliasing even between key and S-boxes. 2005-04-24 21:09:20 +00:00
Nils Larsch
9edf4e8157 make asn.1 field names const 2005-04-23 13:45:49 +00:00
Nils Larsch
965a1cb92e change prototype of the ecdh KDF: make input parameter const and the outlen argument more flexible 2005-04-23 10:11:16 +00:00
Ben Laurie
e9ad6665a5 Add debug target, remove cast, note possible bug. 2005-04-23 06:05:24 +00:00
Ben Laurie
b5855b2f32 Add prototypes. 2005-04-22 23:57:46 +00:00
Nils Larsch
a0bee97e55 more const 2005-04-22 21:57:36 +00:00
Nils Larsch
ff22e913a3 - use BN_set_negative and BN_is_negative instead of BN_set_sign
and BN_get_sign
- implement BN_set_negative as a function
- always use "#define BN_is_zero(a) ((a)->top == 0)"
2005-04-22 20:02:44 +00:00
Andy Polyakov
04d0d0accf Avoid aliasing between stack frames and S-boxes. Compress prefetch code. 2005-04-22 11:49:32 +00:00
Richard Levitte
630e4a6e59 Provide a default OPENSSL_ia32cap_loc for non-Intel platforms where
util/libeay.num is important when building shared libraries, like
VMS.
2005-04-21 09:10:19 +00:00
Dr. Stephen Henson
2c45bf2bc9 Rename typed version of M_ASN1_get M_ASN1_get_x to avoid conflicts.
Remove more bogus shadow warnings.
2005-04-20 21:48:06 +00:00
Dr. Stephen Henson
836ec0c764 Stop compiler warnings about deprecated lvalue casts. 2005-04-20 21:39:13 +00:00
Dr. Stephen Henson
5e72fb063a Stop bogus shadowing warning. 2005-04-20 21:34:29 +00:00
Richard Levitte
a74286d636 Make sure id2_func is properly cast as well... 2005-04-20 13:17:42 +00:00
Richard Levitte
254cfe878e signed vs. unsigned. 2005-04-20 13:12:33 +00:00
Richard Levitte
ed824195a1 Avoid compiler complaint about mismatched function signatures
(void * != char *)
2005-04-20 13:09:46 +00:00
Richard Levitte
22c3600e4c Resolve signed vs. unsigned. 2005-04-20 12:55:15 +00:00
Richard Levitte
49f386578e Type mismatch detected by DEC C compiler. void* != void** 2005-04-20 12:53:50 +00:00
Richard Levitte
7c671508bd Avoid compiler complaint about mismatched function signatures
(void * != RSA *)
2005-04-20 10:02:16 +00:00
Dr. Stephen Henson
987bebaf8c New "algorithm define" OPENSSL_NO_GMP. Update mkdef.pl and Configure script
to use it.
2005-04-19 13:24:44 +00:00
Dr. Stephen Henson
f68854b4c3 Various Win32 and other fixes for warnings and compilation errors.
Fix Win32 build system to use 'Makefile' instead of 'Makefile.ssl'.
2005-04-19 00:12:36 +00:00
Andy Polyakov
1cfd258ed6 Throw in x86_64 AT&T to MASM assembler converter to facilitate development
of dual-ABI Unix/Win64 modules.
2005-04-17 21:05:57 +00:00
Richard Levitte
2906dc8601 Synchronise with ec/Makefile. 2005-04-17 09:07:37 +00:00
Andy Polyakov
c8d5c71af5 Mitigate cache-timing attack in CBC mode. This is done by implementing
compressed tables (2x compression factor) and by pre-fetching them into
processor cache prior every CBC en-/decryption pass. One can argue why
just CBC? Well, it's commonly used mode in real-life applications and
API allows us to amortize the prefetch costs for larger data chunks...
2005-04-16 15:23:21 +00:00
Dr. Stephen Henson
fbe6ba81e9 Check return values of <Digest>_Init functions in low level digest calls. 2005-04-14 22:58:44 +00:00
Andy Polyakov
2b85e23d2e Prototype mnemonics in padlock_verify_context for better portability
[read support for Solaris assembler].
2005-04-14 07:47:10 +00:00
Andy Polyakov
026bb0b96a Fix for bug emerged in openvpn conext. 2005-04-14 07:41:29 +00:00
Andy Polyakov
e62991a07c Zap OPENSSL_EXTERN on symbols, which are not meant to be local to DLL. 2005-04-13 20:51:42 +00:00
Andy Polyakov
1bf955920a Fix typos. 2005-04-13 15:41:11 +00:00
Andy Polyakov
51d28013db Introduce OPENSSL_NONPIC_relocated to denote relocated DLLs. 2005-04-13 08:46:35 +00:00
Andy Polyakov
9e88c82703 Minor cryptlib.c update: compiler warnings in OPENSSL_showfatal and
OPENSSL_stderr stub.
2005-04-13 06:55:42 +00:00
Dr. Stephen Henson
ad0db060b1 More overwritten stuff... 2005-04-12 16:36:36 +00:00
Dr. Stephen Henson
3547478fc8 Replace overwritten lines before error codes. 2005-04-12 16:17:53 +00:00
Dr. Stephen Henson
29dc350813 Rebuild error codes. 2005-04-12 16:15:22 +00:00
Dr. Stephen Henson
bc3cae7e7d Include error library value in C error source files instead of fixing up
at runtime.
2005-04-12 13:31:14 +00:00
Nils Larsch
37942fab51 include limits.h for UINT_MAX etc. 2005-04-11 20:59:58 +00:00
Richard Levitte
4bb61becbb Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
Dr. Stephen Henson
b392e52050 Move allow_proxy_certs declaration to start of function. 2005-04-10 23:41:09 +00:00
Richard Levitte
d9bfe4f97c Added restrictions on the use of proxy certificates, as they may pose
a security threat on unexpecting applications.  Document and test.
2005-04-09 16:07:12 +00:00
Nils Larsch
f763e0b5ae make sure error queue is totally emptied
PR: 359
2005-04-07 22:53:35 +00:00
Andy Polyakov
9f2027e56d Implement OPENSSL_showfatal and make it Win32 GUI and service aware
[meaning that it will detect in which context application is running
and either write message to stderr, post a dialog or log an event].
2005-04-07 18:39:45 +00:00