Dr. Stephen Henson
adfd95c2ac
use different variable for chain iteration
2012-04-11 16:01:08 +00:00
Dr. Stephen Henson
80eb43519e
fix reset fix
2012-04-11 15:05:07 +00:00
Dr. Stephen Henson
bbe0c8c5be
make reinitialisation work for CMAC
2012-04-11 12:26:41 +00:00
Dr. Stephen Henson
5a34fcd76e
update rather ancient EVP digest documentation
2012-04-10 22:28:01 +00:00
Andy Polyakov
b1fd0ccb38
aes-s390x.pl: fix crash in AES_set_decrypt_key in linux32-s390x build.
2012-04-09 15:12:13 +00:00
Dr. Stephen Henson
b2284ed34a
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
...
Localize client hello extension parsing in t1_lib.c
2012-04-06 11:18:40 +00:00
Dr. Stephen Henson
a43526302f
Add support for automatic ECDH temporary key parameter selection. When
...
enabled instead of requiring an application to hard code a (possibly
inappropriate) parameter set and delve into EC internals we just
automatically use the preferred curve.
2012-04-05 13:38:27 +00:00
Dr. Stephen Henson
2131ce570a
add FAQ about version numbers
2012-04-05 13:16:37 +00:00
Andy Polyakov
45cd45bbbc
aes-armv4.pl: make it more foolproof [inspired by aes-s390x.pl in 1.0.1].
2012-04-05 08:30:22 +00:00
Andy Polyakov
bc9583efa2
aes-s390x.pl: make it more foolproof [inspired by 1.0.1].
2012-04-05 08:22:09 +00:00
Andy Polyakov
a20152bdaf
ssl/ssl_ciph.c: interim solution for assertion in d1_pkt.c(444).
...
PR: 2778
2012-04-04 20:45:51 +00:00
Dr. Stephen Henson
fd2b65ce53
Tidy up EC parameter check code: instead of accessing internal structures
...
add utility functions to t1_lib.c to check if EC certificates and parameters
are consistent with peer.
2012-04-04 14:41:01 +00:00
Dr. Stephen Henson
263c62467d
Update ordinals.
2012-04-03 23:13:23 +00:00
Andy Polyakov
82c5ac4599
CHANGES: harmonize with 1.0.0 and 1.0.1.
2012-03-31 18:56:27 +00:00
Dr. Stephen Henson
94e9215fbc
PR: 2778(part)
...
Submitted by: John Fitzgibbon <john_fitzgibbon@yahoo.com>
Time is always encoded as 4 bytes, not sizeof(Time).
2012-03-31 18:03:02 +00:00
Andy Polyakov
f62f792057
modes_lcl.h: make it work on i386.
...
PR: 2780
2012-03-31 17:02:46 +00:00
Andy Polyakov
5db9645f1b
vpaes-x86[_64].pl: handle zero length in vpaes_cbc_encrypt.
...
PR: 2775
2012-03-31 16:53:34 +00:00
Andy Polyakov
86963f40f8
util/cygwin.sh update.
...
PR: 2761
Submitted by: Corinna Vinschen
2012-03-31 11:06:46 +00:00
Dr. Stephen Henson
d3379de5a9
don't shadow
2012-03-30 15:43:32 +00:00
Andy Polyakov
4736eab947
bn/bn_gf2m.c: make new BN_GF2m_mod_inv work with BN_DEBUG_RAND.
2012-03-29 21:35:28 +00:00
Andy Polyakov
23a05fa0c1
modes/gcm128.c: fix self-test.
2012-03-29 18:25:38 +00:00
Andy Polyakov
482a7d80cf
sha512-armv4.pl: optimize NEON code path by utilizing vbsl, bitwise select.
2012-03-29 18:20:11 +00:00
Andy Polyakov
ee743dca53
perlasm/x86masm.pl: fix last fix.
2012-03-29 18:09:36 +00:00
Andy Polyakov
6da165c631
ans1/tasn_prn.c: avoid bool in variable names.
...
PR: 2776
2012-03-29 17:48:19 +00:00
Dr. Stephen Henson
d0595f170c
Initial revision of ECC extension handling.
...
Tidy some code up.
Don't allocate a structure to handle ECC extensions when it is used for
default values.
Make supported curves configurable.
Add ctrls to retrieve shared curves: not fully integrated with rest of
ECC code yet.
2012-03-28 15:05:04 +00:00
Dr. Stephen Henson
751e26cb9b
fix leak
2012-03-22 16:28:07 +00:00
Dr. Stephen Henson
f404acfa2c
Submitted by: Markus Friedl <mfriedl@gmail.com>
...
Fix memory leaks in 'goto err' cases.
2012-03-22 15:44:51 +00:00
Dr. Stephen Henson
7744ef1ada
use client version when deciding whether to send supported signature algorithms extension
2012-03-21 21:33:23 +00:00
Andy Polyakov
ed998634cd
e_padlock-x86[_64].pl: better understanding of prefetch errata and proper
...
workaround.
2012-03-19 20:23:32 +00:00
Andy Polyakov
884c580e05
eng_all.c: revert previous "disable Padlock" commit, which was unjustified.
2012-03-19 20:20:41 +00:00
Dr. Stephen Henson
bbbe61c958
Always use SSLv23_{client,server}_method in s_client.c and s_server.c,
...
the old code came from SSLeay days before TLS was even supported.
2012-03-18 18:16:46 +00:00
Andy Polyakov
df27a35137
vpaes-x86_64.pl: out-of-date Apple assembler fails to calculate
...
distance between local labels.
PR: 2762
2012-03-17 16:06:31 +00:00
Andy Polyakov
f9ef874a21
bsaes-x86_64.pl: optimize key conversion.
2012-03-16 21:44:19 +00:00
Andy Polyakov
442c9f13d4
bsaes-armv7.pl: optmize Sbox and key conversion.
2012-03-16 21:41:48 +00:00
Dr. Stephen Henson
156421a2af
oops, revert unrelated patches
2012-03-14 13:46:50 +00:00
Dr. Stephen Henson
61ad8262a0
update FAQ, NEWS
2012-03-14 13:44:57 +00:00
Andy Polyakov
5c88dcca5b
ghash-x86.pl: omit unreferenced rem_8bit from no-sse2 build.
2012-03-13 19:43:42 +00:00
Andy Polyakov
d2add2efaa
ssl/t1_enc.c: pay attention to EVP_CIPH_FLAG_CUSTOM_CIPHER.
2012-03-13 19:20:55 +00:00
Andy Polyakov
b2ae61ecf2
x86_64-xlate.pl: remove old kludge.
...
PR: 2435,2440
2012-03-13 19:19:08 +00:00
Dr. Stephen Henson
78dfd43955
corrected fix to PR#2711 and also cover mime_param_cmp
2012-03-12 16:32:19 +00:00
Dr. Stephen Henson
146b52edd1
Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and
...
continue with symmetric decryption process to avoid leaking timing
information to an attacker.
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
2012-03-12 16:31:39 +00:00
Dr. Stephen Henson
13747c6fda
update NEWS
2012-03-12 16:23:00 +00:00
Dr. Stephen Henson
174b07be93
PR: 2744
...
Submitted by: Dmitry Belyavsky <beldmit@gmail.com>
CMS support for ccgost engine
2012-03-11 13:40:17 +00:00
Dr. Stephen Henson
15a40af2ed
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
...
Add more extension names in s_cb.c extension printing code.
2012-03-09 18:38:35 +00:00
Dr. Stephen Henson
ea6e386008
PR: 2756
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix DTLS timeout handling.
2012-03-09 15:52:33 +00:00
Dr. Stephen Henson
34b61f5a25
check return value of BIO_write in PKCS7_decrypt
2012-03-08 14:10:23 +00:00
Dr. Stephen Henson
e7f8ff4382
New ctrls to retrieve supported signature algorithms and curves and
...
extensions to s_client and s_server to print out retrieved valued.
Extend CERT structure to cache supported signature algorithm data.
2012-03-06 14:28:21 +00:00
Dr. Stephen Henson
62b6948a27
PR: 2755
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reduce MTU after failed transmissions.
2012-03-06 13:47:43 +00:00
Dr. Stephen Henson
0fbf8b9cea
PR: 2748
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix possible DTLS timer deadlock.
2012-03-06 13:26:15 +00:00
Dr. Stephen Henson
d895f7f060
don't do loop check for single self signed certificate
2012-03-05 15:48:13 +00:00