Andy Polyakov
1cfd258ed6
Throw in x86_64 AT&T to MASM assembler converter to facilitate development
...
of dual-ABI Unix/Win64 modules.
2005-04-17 21:05:57 +00:00
Richard Levitte
2906dc8601
Synchronise with ec/Makefile.
2005-04-17 09:07:37 +00:00
Andy Polyakov
c8d5c71af5
Mitigate cache-timing attack in CBC mode. This is done by implementing
...
compressed tables (2x compression factor) and by pre-fetching them into
processor cache prior every CBC en-/decryption pass. One can argue why
just CBC? Well, it's commonly used mode in real-life applications and
API allows us to amortize the prefetch costs for larger data chunks...
2005-04-16 15:23:21 +00:00
Dr. Stephen Henson
8fc6cb77c5
Fix from HEAD.
2005-04-14 22:59:17 +00:00
Dr. Stephen Henson
fbe6ba81e9
Check return values of <Digest>_Init functions in low level digest calls.
2005-04-14 22:58:44 +00:00
Andy Polyakov
2b85e23d2e
Prototype mnemonics in padlock_verify_context for better portability
...
[read support for Solaris assembler].
2005-04-14 07:47:10 +00:00
Andy Polyakov
026bb0b96a
Fix for bug emerged in openvpn conext.
2005-04-14 07:41:29 +00:00
Andy Polyakov
5dc4923359
Zap OPENSSL_EXTERN on symbols, which are meant to remain local to DLL.
...
Comment in HEAD commit was wrong!
2005-04-13 20:54:07 +00:00
Andy Polyakov
e62991a07c
Zap OPENSSL_EXTERN on symbols, which are not meant to be local to DLL.
2005-04-13 20:51:42 +00:00
Andy Polyakov
5820d87a5f
Fix typos.
2005-04-13 15:41:56 +00:00
Andy Polyakov
1bf955920a
Fix typos.
2005-04-13 15:41:11 +00:00
Andy Polyakov
89b1fd98ac
Backport OPENSSL_NONPIC_relocated from HEAD.
2005-04-13 08:49:51 +00:00
Andy Polyakov
51d28013db
Introduce OPENSSL_NONPIC_relocated to denote relocated DLLs.
2005-04-13 08:46:35 +00:00
Andy Polyakov
e44f62c2b1
OPENSSL_showfatal, backport from HEAD.
2005-04-13 07:02:59 +00:00
Andy Polyakov
9e88c82703
Minor cryptlib.c update: compiler warnings in OPENSSL_showfatal and
...
OPENSSL_stderr stub.
2005-04-13 06:55:42 +00:00
Dr. Stephen Henson
ad0db060b1
More overwritten stuff...
2005-04-12 16:36:36 +00:00
Dr. Stephen Henson
3547478fc8
Replace overwritten lines before error codes.
2005-04-12 16:17:53 +00:00
Dr. Stephen Henson
29dc350813
Rebuild error codes.
2005-04-12 16:15:22 +00:00
Dr. Stephen Henson
342b7e0458
Rebuild error codes.
2005-04-12 13:47:58 +00:00
Dr. Stephen Henson
bc3cae7e7d
Include error library value in C error source files instead of fixing up
...
at runtime.
2005-04-12 13:31:14 +00:00
Dr. Stephen Henson
96534114a3
Include error library value in C error source files instead of fixing up
...
at runtime.
2005-04-12 13:30:45 +00:00
Nils Larsch
37942fab51
include limits.h for UINT_MAX etc.
2005-04-11 20:59:58 +00:00
Richard Levitte
d060fc9ff2
Now that things have been tagged properly, make preparations for the
...
next version in the 0.9.7 branch.
2005-04-11 15:15:09 +00:00
Richard Levitte
22e5a7935f
Prepare to release 0.9.7g.
...
The tag till be OpenSSL_0_9_7g.
2005-04-11 15:10:07 +00:00
Richard Levitte
93aeac64ce
Merge RFC3820 source into mainstream 0.9.7-stable.
2005-04-11 15:03:37 +00:00
Richard Levitte
9addd9b6fb
Add emacs cache files to .cvsignore.
2005-04-11 14:18:14 +00:00
Richard Levitte
4bb61becbb
Add emacs cache files to .cvsignore.
2005-04-11 14:17:07 +00:00
Dr. Stephen Henson
b392e52050
Move allow_proxy_certs declaration to start of function.
2005-04-10 23:41:09 +00:00
Richard Levitte
d9bfe4f97c
Added restrictions on the use of proxy certificates, as they may pose
...
a security threat on unexpecting applications. Document and test.
2005-04-09 16:07:12 +00:00
Nils Larsch
f763e0b5ae
make sure error queue is totally emptied
...
PR: 359
2005-04-07 22:53:35 +00:00
Andy Polyakov
9f2027e56d
Implement OPENSSL_showfatal and make it Win32 GUI and service aware
...
[meaning that it will detect in which context application is running
and either write message to stderr, post a dialog or log an event].
2005-04-07 18:39:45 +00:00
Andy Polyakov
4d2b407ba2
Engage DllMain on Windows. Partial backport from HEAD. Unlike HEAD,
...
it doesn't get engaged on __CYGWIN__, because I'm not sure is *all*
Cygwin installations are equipped with windows.h...
2005-04-07 16:06:03 +00:00
Andy Polyakov
e1d51de41f
Harmonize cygwin/mingw and VC targets.
2005-04-07 15:51:55 +00:00
Andy Polyakov
81ee80ab88
+45% RC4 performance boost on Intel EM64T core. Unrolled loop providing
...
further +35% will follow...
Submitted by: Zou Nanhai
2005-04-06 09:45:42 +00:00
Nils Larsch
70f34a5841
some const fixes and cleanup
2005-04-05 10:29:43 +00:00
Nils Larsch
c2e40d0f9a
remove unused recp method
2005-04-04 18:15:59 +00:00
Andy Polyakov
0abfd60604
Extend Solaris x86 support to amd64.
2005-04-04 17:10:53 +00:00
Andy Polyakov
e5dbccc182
Solaris x86 linker erroneously pads .init segment with zeros instead of
...
nops, which causes SEGV at startup. So I don't align anymore.
2005-04-04 17:07:16 +00:00
Andy Polyakov
f8fa22d826
Some non-GNU compilers (such as Sun C) define __i386.
2005-04-04 17:05:06 +00:00
Andy Polyakov
631bae4723
Extend Solaris x86 support to amd64. Note that if both gcc and Sun C
...
are installed, it defaults to gcc, because it beats Sun C on every
benchmark. Also note that gcc shared build was verified to work woth
Sun C...
2005-04-03 19:16:58 +00:00
Andy Polyakov
f6bfb559f7
Downsync from HEAD.
...
PR: 1031
2005-04-03 18:54:46 +00:00
Andy Polyakov
60fd574cdf
Make bn/asm/x86_64-gcc.c gcc4 savvy. +r is likely to be initially
...
introduced for a reason [like bug in initial gcc port], but proposed
=&r is treated correctly by senior 3.2, so we can assume it's safe now.
PR: 1031
2005-04-03 18:53:29 +00:00
Ben Laurie
73705abc34
If input is bad, we still need to clear the buffer.
2005-04-03 16:38:22 +00:00
Dr. Stephen Henson
7bdf8eed69
Typo
2005-04-01 21:56:15 +00:00
Dr. Stephen Henson
bbc0ac37b0
Typo.
2005-04-01 21:55:13 +00:00
Ben Laurie
8bb826ee53
Consistency.
2005-03-31 13:57:54 +00:00
cvs2svn
884b3fc23c
This commit was manufactured by cvs2svn to create branch
...
'OpenSSL_0_9_7-stable'.
2005-03-31 11:51:48 +00:00
Ben Laurie
45d10efc35
Simplicate and add lightness.
2005-03-31 10:55:55 +00:00
Ben Laurie
41a15c4f0f
Give everything prototypes (well, everything that's actually used).
2005-03-31 09:26:39 +00:00
Nils Larsch
fea4280a8b
fix header
2005-03-30 21:38:29 +00:00
Ben Laurie
42ba5d2329
Blow away Makefile.ssl.
2005-03-30 13:05:57 +00:00
Ben Laurie
0821bcd4de
Constification.
2005-03-30 10:26:02 +00:00
Nils Larsch
c01d2b974e
when building with OPENSSL_NO_DEPRECATED defined BN_zero is a macro
...
which cannot be evaluated in an if statement
2005-03-28 15:06:29 +00:00
Dr. Stephen Henson
8c04994bfe
Allow 'null' cipher and appropriate Kerberos ciphersuites in FIPS mode.
2005-03-27 03:36:14 +00:00
Andy Polyakov
989c0f8215
Resolve "operation size not specified" in NASM modules.
2005-03-26 19:32:31 +00:00
Ulf Möller
7a8c728860
undo Cygwin change
2005-03-24 00:14:59 +00:00
Ulf Möller
4cf8f9369c
undo Cygwin change
2005-03-23 22:01:57 +00:00
Ben Laurie
801fea5f11
Constification.
2005-03-23 08:21:30 +00:00
Dr. Stephen Henson
da26bcb5de
Update CHANGES, opensslv.h
2005-03-22 21:27:36 +00:00
Dr. Stephen Henson
5c1fd5e316
Update files ready for release.
2005-03-22 18:17:23 +00:00
Dr. Stephen Henson
f42a82777d
make update
2005-03-22 18:15:56 +00:00
Nils Larsch
41e455bfc4
test, remove unnecessary const cast
2005-03-22 17:55:18 +00:00
Ulf Möller
6d2a7098d6
Cygwin randomness
2005-03-19 11:40:41 +00:00
Ulf Möller
130db968b8
Use Windows randomness code on Cygwin
2005-03-19 11:39:17 +00:00
Ulf Möller
8d274837e5
fix breakage for Perl versions that do boolean operations on long words
2005-03-19 11:13:30 +00:00
Andy Polyakov
b43b9de9e4
Real Bourne shell doesn't accept ! as in "if ! grep ..." Fix this in
...
crypto/Makefile and make Makefile.org and fips/Makefile more discreet.
2005-03-15 09:46:14 +00:00
Bodo Möller
9f6715d4bb
"make depend". This takes into account the algorithms that are now
...
disabled by default (MDC2 and RC5), which until now were skipped
by "make links" and yet supposedly required by some of the Makefiles,
meaning that the recent snapshots failed to compile.
Problem reported by Nils Larsch.
2005-03-13 19:49:47 +00:00
Andy Polyakov
1642000707
Cygwin to use DSO_FLFCN and mingw to use DSO_WIN32.
2005-03-12 11:28:41 +00:00
Andy Polyakov
9d14506f29
Cygwin to use DSO_FLFCN and mingw to use DSO_WIN32 (required for FIPS).
2005-03-12 11:28:22 +00:00
Andy Polyakov
2cf68c0b1a
Avoid re-build avalanches with HP-UX make.
2005-03-12 09:13:15 +00:00
Andy Polyakov
f7f2125522
Avoid re-build avalanches with HP-UX make.
2005-03-12 09:12:44 +00:00
Bodo Möller
2b61034b0b
fix potential memory leak when allocation fails
...
PR: 801
Submitted by: Nils Larsch
2005-03-11 09:01:24 +00:00
Bodo Möller
97d49cdd6f
fix potential memory leak when allocation fails
...
PR: 801
Submitted by: Nils Larsch
2005-03-11 09:00:59 +00:00
Bodo Möller
80c808b90b
Fix typo
...
PR: 1017
Submitted by: ciresh@yahoo.com
Reviewed by: Nils Larsch
2005-03-09 19:08:02 +00:00
Lutz Jänicke
f69a8aebab
Fix hang in EGD/PRNGD query when communication socket is closed
...
prematurely by EGD/PRNGD.
PR: 1014
Submitted by: Darren Tucker <dtucker@zip.com.au>
2005-02-19 10:19:07 +00:00
Lutz Jänicke
e22e6bf0be
Fix hang in EGD/PRNGD query when communication socket is closed
...
prematurely by EGD/PRNGD.
PR: 1014
Submitted by: Darren Tucker <dtucker@zip.com.au>
2005-02-19 10:17:26 +00:00
Dr. Stephen Henson
2ecf923286
Avoid possible memory leak.
2005-02-14 21:54:29 +00:00
Dr. Stephen Henson
9d10b15ef9
Fix possible memory leak.
2005-02-14 21:53:24 +00:00
Andy Polyakov
da30c74a27
Remove unused assembler modules.
2005-02-06 13:43:02 +00:00
Andy Polyakov
67ea999d4a
This patch was "ignited" by OpenBSD 3>=4 support. They've switched to ELF
...
and GNU binutils, but kept BSD make... And I took the opportunity to
unify other targets to this common least denominator...
2005-02-06 13:23:34 +00:00
Dr. Stephen Henson
66d68327cb
Avoid memory leak.
2005-01-31 01:40:39 +00:00
Dr. Stephen Henson
7cfcca8ba3
Further FIPS algorithm blocking.
...
Fixes to cipher blocking and enabling code.
Add option -non-fips-allow to 'enc' and update testenc.
2005-01-28 14:03:54 +00:00
Richard Levitte
8c3c570134
The first argument to load_iv should really be a char ** instead of an
...
unsigned char **, since it points at text.
Thanks to Nils Larsch <nils.larsch@cybertrust.com> for pointing out
the inelegance of our code :-)
2005-01-27 11:42:28 +00:00
Richard Levitte
0cae19f5ef
The first argument to load_iv should really be a char ** instead of an
...
unsigned char **, since it points at text.
Thanks to Nils Larsch <nils.larsch@cybertrust.com> for pointing out
the inelegance of our code :-)
2005-01-27 11:42:25 +00:00
Dr. Stephen Henson
6be00c7e16
More FIPS algorithm blocking.
...
Catch attempted use of non FIPS algorithms with HMAC.
Give an assertion error for applications that ignore FIPS digest errors.
Make -non-fips-allow work with dgst and HMAC.
2005-01-27 01:49:42 +00:00
Richard Levitte
bf746f0f46
Check for errors from EVP_VerifyInit_ex(), or EVP_VerifyUpdate might
...
cause a segfault... This was uncovered because EVP_VerifyInit() may fail
in FIPS mode if the wrong algorithm is chosen...
2005-01-27 01:49:25 +00:00
Richard Levitte
532d936be8
Check for errors from EVP_VerifyInit_ex(), or EVP_VerifyUpdate might
...
cause a segfault... This was uncovered because EVP_VerifyInit() may fail
in FIPS mode if the wrong algorithm is chosen...
2005-01-27 01:49:23 +00:00
Richard Levitte
a229e3038e
Get rid if the annoying warning
2005-01-27 01:47:31 +00:00
Richard Levitte
d88edf1447
Get rid if the annoying warning
2005-01-27 01:47:27 +00:00
Dr. Stephen Henson
f60fc19a69
make update
2005-01-26 20:05:46 +00:00
Dr. Stephen Henson
d0edffc7da
FIPS algorithm blocking.
...
Non FIPS algorithms are not normally allowed in FIPS mode.
Any attempt to use them via high level functions will return an error.
The low level non-FIPS algorithm functions cannot return errors so they
produce assertion failures. HMAC also has to give an assertion error because
it (erroneously) can't return an error either.
There are exceptions (such as MD5 in TLS and non cryptographic use of
algorithms) and applications can override the blocking and use non FIPS
algorithms anyway.
For low level functions the override is perfomed by prefixing the algorithm
initalization function with "private_" for example private_MD5_Init().
For high level functions an override is performed by setting a flag in
the context.
2005-01-26 20:00:40 +00:00
Andy Polyakov
fbdce13e5a
Please BSD make...
2005-01-25 22:09:11 +00:00
Andy Polyakov
e532a6c449
FreeBSD 5 refuses to #include <malloc.h>. Fix compiler warning after
...
http://cvs.openssl.org/chngview?cn=12843 .
2005-01-25 22:07:22 +00:00
Andy Polyakov
8359421d90
Default to AES u32 being unsinged int and not long. This improves cache
...
locality on 64-bit platforms (and fixes IA64 assembler-empowered build:-).
The choice is guarded by newly introduced AES_LONG macro, which needs
to be defined only on 16-bit platforms which we don't support (not that
I know of). Meaning that one could as well skip long option altogether.
2005-01-24 14:22:05 +00:00
Andy Polyakov
efde5230f1
Improve ECB performance (48+14*rounds -> 18+13*rounds) and reserve for
...
hand-coded zero-copy AES_cbc_encrypt.
2005-01-24 14:14:53 +00:00
Andy Polyakov
bac252a5e3
Bug-fix in CBC encrypt tail processing and commentary section update.
2005-01-20 10:33:37 +00:00
Andy Polyakov
addb6e16a8
Throw in AES CBC assembler, up to +40% on aes-128-cbc benchmark.
2005-01-18 01:04:41 +00:00
Andy Polyakov
ed65fab910
Reserve for AES CBC assembler implementation...
2005-01-18 00:43:32 +00:00
Andy Polyakov
90cc40911b
Don't zap AES CBC IV, when decrypting truncated content in place.
2005-01-18 00:26:52 +00:00
Andy Polyakov
134d6a44ec
Don't zap AES CBC IV, when decrypting truncated content in place.
2005-01-18 00:24:55 +00:00
Richard Levitte
a7201e9a1b
Changes concering RFC 3820 (proxy certificates) integration:
...
- Enforce that there should be no policy settings when the language
is one of id-ppl-independent or id-ppl-inheritAll.
- Add functionality to ssltest.c so that it can process proxy rights
and check that they are set correctly. Rights consist of ASCII
letters, and the condition is a boolean expression that includes
letters, parenthesis, &, | and ^.
- Change the proxy certificate configurations so they get proxy
rights that are understood by ssltest.c.
- Add a script that tests proxy certificates with SSL operations.
Other changes:
- Change the copyright end year in mkerr.pl.
- make update.
2005-01-17 17:06:58 +00:00
Dr. Stephen Henson
420eb6a306
PKCS7_verify() performance optimization. When the content is large and a
...
memory BIO (for example from SMIME_read_PKCS7 and detached data) avoid lots
of slow memory copies from the memory BIO by saving the content in a
temporary read only memory BIO.
2005-01-14 17:53:16 +00:00
Dr. Stephen Henson
fcd5cca418
PKCS7_verify() performance optimization. When the content is large and a
...
memory BIO (for example from SMIME_read_PKCS7 and detached data) avoid lots
of slow memory copies from the memory BIO by saving the content in a
temporary read only memory BIO.
2005-01-14 17:52:24 +00:00
Andy Polyakov
ea28f93c2d
Rely on e_os.h to appropriately define str[n]casecmp in non-POSIX
...
environments.
2005-01-14 16:22:02 +00:00
Andy Polyakov
adeb20b6b7
O_NOFOLLOW is not appropriate when opening /dev/* entries on Solaris.
...
PR: 998
2005-01-14 16:19:47 +00:00
Richard Levitte
086b64d0d3
make update
2005-01-14 00:16:31 +00:00
Andy Polyakov
e6d27baf52
Rely on e_os.h to appropriately define str[n]casecmp in non-POSIX
...
environments.
2005-01-13 15:46:09 +00:00
Andy Polyakov
e7e1150706
"Monolithic" x86 assembler replacement for aes_core.c. Up to +15% better
...
performance on recent microarchitectures.
2005-01-13 15:35:44 +00:00
Andy Polyakov
5d727078ac
Fix an "oops" typo! Well, it was a debugging left-over...
2005-01-13 15:25:30 +00:00
Andy Polyakov
108159ffcc
O_NOFOLLOW is not appropriate when opening /dev/* entries on Solaris.
...
PR: 998
2005-01-13 15:20:42 +00:00
Richard Levitte
b15a93a9c5
Correct a faulty address assignment, and add a length check (not
...
really needed now, but may be needed in the future, who knows?).
2005-01-12 09:53:20 +00:00
Richard Levitte
47c88d7413
Correct a faulty address assignment, and add a length check (not
...
really needed now, but may be needed in the future, who knows?).
2005-01-12 09:51:31 +00:00
Andy Polyakov
5cdf5e3308
Allow for ./config no-sha0.
...
PR: 993
2005-01-09 17:58:18 +00:00
Andy Polyakov
7de4b5b060
Permit "monolithic" AES assembler implementations, i.e. such which would
...
replace *whole* aes_core.c, not only AES_[de|en]crypt routines.
2005-01-09 16:01:58 +00:00
Andy Polyakov
02a00bb054
DJGPP update.
...
PR: 989
Submitted by: Doug Kaufman
2005-01-04 10:28:38 +00:00
Andy Polyakov
b58560b915
DJGPP update.
...
PR: 989
Submitted by: Doug Kaufman
2005-01-04 10:21:55 +00:00
Andy Polyakov
83f69163fd
Borrow #include <string[s].h> from e_os.h.
2004-12-31 00:01:23 +00:00
Andy Polyakov
3b4de6e4cc
Borrow #include <string[s].h> from e_os.h.
2004-12-31 00:00:05 +00:00
Andy Polyakov
bdbc9b4d1a
Make whiny compilers stop complaining about missing prototype.
2004-12-30 23:40:31 +00:00
Andy Polyakov
5ca3a0aa86
Make whiny compilers stop complaining about missing prototype.
2004-12-30 23:39:06 +00:00
Andy Polyakov
702be727c0
AES CBC and CFB performance tune-up from HEAD.
2004-12-30 22:57:19 +00:00
Andy Polyakov
25866e3982
Commentary update for AES IA-64 assembler module.
2004-12-30 10:55:02 +00:00
Andy Polyakov
3b3df98ca6
Minor AES x86 assembler tune-up.
2004-12-30 10:46:03 +00:00
Andy Polyakov
2e4a99f38b
AES-CFB[18] 2x optimization. Well, I bet nobody cares about AES-CFB1
...
performance, but anyway...
2004-12-30 10:43:33 +00:00
Andy Polyakov
f1ce306f30
Oops-kind typos in aes-ia64.S...
2004-12-28 17:10:42 +00:00
Richard Levitte
37b11ca78e
iv needs to be const because it sometimes takes it's value from a
...
const.
2004-12-28 10:35:13 +00:00
Richard Levitte
a17af9e277
Forgot to synchronise the VMS build scripts.
2004-12-28 10:22:00 +00:00
Richard Levitte
6951c23afd
Add functionality needed to process proxy certificates.
2004-12-28 00:21:35 +00:00
Andy Polyakov
de421076a5
Minor cygwin update.
...
PR: 949
2004-12-27 21:27:46 +00:00
Andy Polyakov
f709ffe832
Minor cygwin update.
...
PR: 949
2004-12-27 21:26:10 +00:00
Andy Polyakov
9850f7f6b2
Remove yet another redundant memcpy. Not at least performance critical,
...
essentially cosmetic modification...
2004-12-26 13:05:40 +00:00
Andy Polyakov
131e064e4a
Eliminate redundant memcpy of IV material. Performance improvement varies
...
from platform to platform and can be as large as 20%.
2004-12-26 12:31:37 +00:00
Andy Polyakov
556b8f3f77
Engage AES x86 assembler module for COFF and a.out targets.
2004-12-26 10:58:39 +00:00
Andy Polyakov
045d3285e2
Engage AES x86 assembler module on ELF platforms.
2004-12-23 21:44:28 +00:00
Andy Polyakov
d1df5b4339
x86 perlasm update to accomodate aes-586.pl.
2004-12-23 21:43:25 +00:00
Andy Polyakov
25558bf743
Eliminate copies of TeN and TdN, use those found in assembler module.
2004-12-23 21:40:23 +00:00
Andy Polyakov
713147109c
AES x86 assembler implementation.
2004-12-23 21:32:34 +00:00
Andy Polyakov
76ef6ac956
Refine PowerPC platform support.
2004-12-20 13:44:34 +00:00
Andy Polyakov
fb39cd850c
Improved PowerPC platform support.
2004-12-20 13:20:22 +00:00
Andy Polyakov
15bbc1574f
Backport of PPC BN module from HEAD.
2004-12-20 13:15:51 +00:00
Dr. Stephen Henson
a842df6659
Remove unused buffer 'buf'.
2004-12-20 00:49:36 +00:00
Richard Levitte
fbf218b8c3
make update (oops, missed this file)
2004-12-13 22:57:39 +00:00
Richard Levitte
3c97bd833b
Change libeay.num so it's synchronised with additions in 0.9.7-stable.
...
make update
2004-12-13 22:57:08 +00:00
Richard Levitte
37ece6156a
make update
2004-12-13 22:48:01 +00:00
Dr. Stephen Henson
965574039b
Remove duplicate lines.
2004-12-12 13:18:23 +00:00
Dr. Stephen Henson
5e8904f289
Remove duplicate lines.
2004-12-12 13:15:49 +00:00
Andy Polyakov
a661c1728f
Respect no-asm with fips option and disable FIPS DES assembler in
...
shared context [because it's not PIC].
2004-12-10 11:37:25 +00:00
Andy Polyakov
13e387c3fe
olaris x86 perlasm update [from HEAD].
2004-12-10 11:27:09 +00:00
Andy Polyakov
0c0788ba0a
Solaris x86 perlasm update.
2004-12-10 11:24:42 +00:00
Andy Polyakov
3dd16fb7fd
Eliminate false dependency on 386 config option is FIPS context.
...
At the same time limit assembler support to ELF platforms [that's
what is there, ELF modules].
2004-12-09 22:43:29 +00:00
Andy Polyakov
ab09133881
Engage SHA1 IA64 assembler on IA64 platforms [from HEAD].
2004-12-09 21:05:14 +00:00
Andy Polyakov
bd5a2195de
Postpone linking of shared libcrypto in FIPS build.
2004-12-09 18:03:23 +00:00
Andy Polyakov
905fd45b36
Engage SHA1 IA64 assembler on IA64 platforms.
2004-12-09 15:39:55 +00:00
Dr. Stephen Henson
c162b132eb
Automatically mark the CRL cached encoding as invalid when some operations
...
are performed.
2004-12-09 13:35:06 +00:00
Dr. Stephen Henson
a4c9668f3c
Automatically mark the CRL cached encoding as invalid when some operations
...
are performed.
2004-12-09 13:34:41 +00:00
cvs2svn
f1ca15dd69
This commit was manufactured by cvs2svn to create branch
...
'OpenSSL_0_9_7-stable'.
2004-12-09 11:57:39 +00:00
Andy Polyakov
b4e0ce5165
SHA1 assembler for IA-64.
2004-12-09 11:57:38 +00:00
Andy Polyakov
17f0e916db
Extend RC4 test.
2004-12-07 11:55:56 +00:00
Dr. Stephen Henson
41c70d47d7
Remaing bits of PR:620 relevant to 0.9.8.
2004-12-05 01:50:56 +00:00
Dr. Stephen Henson
ec46cd8bb8
Remaining parts of PR:620
2004-12-05 01:46:03 +00:00
Dr. Stephen Henson
da8534693c
Add lots of checks for memory allocation failure, error codes to indicate
...
failure and freeing up memory if a failure occurs.
PR:620
2004-12-05 01:04:44 +00:00
Dr. Stephen Henson
a0e7c8eede
Add lots of checks for memory allocation failure, error codes to indicate
...
failure and freeing up memory if a failure occurs.
PR:620
2004-12-05 01:03:15 +00:00
Dr. Stephen Henson
c98175bf88
In by_file.c check last error for no start line, not first error.
2004-12-04 21:26:11 +00:00
Dr. Stephen Henson
3e66ee9f01
In by_file.c check last error for no start line, not first error.
2004-12-04 21:25:51 +00:00
Dr. Stephen Henson
8db8893cd7
V1 certificates that aren't self signed can't be accepted as CAs.
2004-12-03 00:10:59 +00:00
Dr. Stephen Henson
8f284faaec
V1 certificates that aren't self signed can't be accepted as CAs.
2004-12-03 00:10:34 +00:00
Andy Polyakov
3010b1730e
sha1_block_asm_data_order can't hash if message crosses 2GB boundary.
...
[back-port from HEAD branch]
2004-12-02 17:05:38 +00:00
Andy Polyakov
f670069a19
Back-port of RC4 assembler support for IA-64 from HEAD branch.
2004-12-02 10:54:36 +00:00
Andy Polyakov
575dbdc965
Downstream update from HEAD
2004-12-02 10:09:50 +00:00
Andy Polyakov
f774accdbf
Fix rc4-ia64.S to pass more exhaustive regression tests.
2004-12-02 10:07:55 +00:00
Dr. Stephen Henson
8544a80776
Add couple of OIDs. Resync NIDs for consistency with 0.9.7.
2004-12-01 18:09:53 +00:00
Dr. Stephen Henson
2e1366366e
Add two OIDs, make update
2004-12-01 17:55:07 +00:00
Andy Polyakov
fda344ece8
Complete backport of i386 RC4 assembler module from HEAD.
2004-12-01 15:45:34 +00:00
Andy Polyakov
280e3bd2c9
Downstream update from HEAD.
2004-12-01 15:30:50 +00:00
Andy Polyakov
7c69478064
I've introduced a bug to i386 RC4 assembler, which would emerge with
...
certain mix of calls to RC4 routine not covered by rc4test.c.
It's fixed now. In addition this patch inadvertently fixes minor
performance problem: in 0.9.7 context P4 was performing 12% slower
than the original implementation...
2004-12-01 15:28:18 +00:00
Dr. Stephen Henson
41191d14ce
Perform partial comparison of different character types in X509_NAME_cmp().
2004-12-01 01:45:57 +00:00
Dr. Stephen Henson
1862dae862
Perform partial comparison of different character types in X509_NAME_cmp().
2004-12-01 01:45:30 +00:00
Andy Polyakov
62c19d2dd9
Back-port of RC4 assembler support for AMD64 from HEAD branch.
2004-11-30 18:00:33 +00:00
Andy Polyakov
2d1a37bc9f
Downsync new and updated RC4 assembler modules from HEAD.
2004-11-30 17:53:44 +00:00
cvs2svn
24e85c3dee
This commit was manufactured by cvs2svn to create branch
...
'OpenSSL_0_9_7-stable'.
2004-11-30 15:46:47 +00:00
Andy Polyakov
b7b46c9a87
Add 0.9.7 specific comments to RC4 assembler modules.
2004-11-30 15:46:46 +00:00
Richard Levitte
5073ff0346
Split X509_check_ca() into a small self and an internal function
...
check_ca(), to resolve constness issue. check_ca() is called from the
purpose checkers instead of X509_check_ca(), since the stuff done by
the latter (except for calling check_ca()) is also done by
X509_check_purpose().
2004-11-30 12:18:55 +00:00
Richard Levitte
fa032a6941
Split X509_check_ca() into a small self and an internal function
...
check_ca(), to resolve constness issue. check_ca() is called from the
purpose checkers instead of X509_check_ca(), since the stuff done by
the latter (except for calling check_ca()) is also done by
X509_check_purpose().
2004-11-30 12:18:53 +00:00
Andy Polyakov
fc7fc5678f
sha1_block_asm_data_order can't hash if message crosses 2GB boundary.
2004-11-29 21:19:56 +00:00
Andy Polyakov
7a3240e319
Final touches to rc4/asm/rc4-596.pl, +52% better performance on AMD core.
2004-11-29 21:12:58 +00:00
Richard Levitte
30b415b076
Make an explicit check during certificate validation to see that the
...
CA setting in each certificate on the chain is correct. As a side-
effect always do the following basic checks on extensions, not just
when there's an associated purpose to the check:
- if there is an unhandled critical extension (unless the user has
chosen to ignore this fault)
- if the path length has been exceeded (if one is set at all)
- that certain extensions fit the associated purpose (if one has been
given)
2004-11-29 11:28:08 +00:00
Richard Levitte
cd52956357
Make an explicit check during certificate validation to see that the
...
CA setting in each certificate on the chain is correct. As a side-
effect always do the following basic checks on extensions, not just
when there's an associated purpose to the check:
- if there is an unhandled critical extension (unless the user has
chosen to ignore this fault)
- if the path length has been exceeded (if one is set at all)
- that certain extensions fit the associated purpose (if one has been
given)
2004-11-29 11:18:00 +00:00
Andy Polyakov
914c2a28c0
perlasm/x86[ms|nasm] update to accomodate updated RC4 assembler module.
2004-11-27 15:14:58 +00:00
Andy Polyakov
bc3e7fabe7
Engage RC4 IA-64 assembler module.
2004-11-26 15:12:17 +00:00
Andy Polyakov
d675c74d14
RC4 IA-64 assembler implementation.
2004-11-26 15:07:50 +00:00
cvs2svn
4443f44012
This commit was manufactured by cvs2svn to create branch
...
'OpenSSL_0_9_7-stable'.
2004-11-25 18:21:27 +00:00
Dr. Stephen Henson
dfcf822c65
Check return code of EVP_CipherInit() in PKCS#12 code.
2004-11-24 01:21:57 +00:00
Dr. Stephen Henson
9d2996b82f
Check return code of EVP_CipherInit() in PKCS#12 code.
2004-11-24 01:21:03 +00:00
Andy Polyakov
959f9b1158
linux-x86_64 didn't link after EM64T RC4 tune-up...
2004-11-23 09:06:12 +00:00
Andy Polyakov
376729e130
RC4 tune-up for Intel P4 core, both 32- and 64-bit ones. As it's
...
apparently impossible to compose blended code with would perform
satisfactory on all x86 and x86_64 cores, an extra RC4_CHAR
code-path is introduced and P4 core is detected at run-time. This
way we keep original performance on non-P4 implementations and
turbo-charge P4 performance by factor of 2.8x (on 32-bit core).
2004-11-21 10:36:25 +00:00
Dr. Stephen Henson
ced27cc681
PR: 959
...
Use OPENSSL_NO_CAST, not OPENSSL_NO_CAST5 in e_old.c
2004-11-13 13:52:34 +00:00
Dr. Stephen Henson
f94481196c
The use of "exp" as a variable name in a prototype causes a conflict with FC2
...
headers.
2004-11-11 01:18:57 +00:00
Andy Polyakov
68d9e764cb
As was shown by Marc Bevand reordering of couple of load operations
...
results in even higher performance gain of 3.3x:-) At least on
Opteron...
2004-11-09 17:23:26 +00:00
Richard Levitte
a2ac429da2
Don't use $(EXHEADER) directly in for loops, as most shells will break
...
if $(EXHEADER) is empty.
Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-11-02 23:55:01 +00:00
Richard Levitte
a2617f727d
Don't use $(EXHEADER) directly in for loops, as most shells will break
...
if $(EXHEADER) is empty.
Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-11-02 23:53:31 +00:00