Andy Polyakov
51d28013db
Introduce OPENSSL_NONPIC_relocated to denote relocated DLLs.
2005-04-13 08:46:35 +00:00
Andy Polyakov
9e88c82703
Minor cryptlib.c update: compiler warnings in OPENSSL_showfatal and
...
OPENSSL_stderr stub.
2005-04-13 06:55:42 +00:00
Dr. Stephen Henson
ad0db060b1
More overwritten stuff...
2005-04-12 16:36:36 +00:00
Dr. Stephen Henson
3547478fc8
Replace overwritten lines before error codes.
2005-04-12 16:17:53 +00:00
Dr. Stephen Henson
29dc350813
Rebuild error codes.
2005-04-12 16:15:22 +00:00
Dr. Stephen Henson
bc3cae7e7d
Include error library value in C error source files instead of fixing up
...
at runtime.
2005-04-12 13:31:14 +00:00
Nils Larsch
37942fab51
include limits.h for UINT_MAX etc.
2005-04-11 20:59:58 +00:00
Richard Levitte
4bb61becbb
Add emacs cache files to .cvsignore.
2005-04-11 14:17:07 +00:00
Dr. Stephen Henson
b392e52050
Move allow_proxy_certs declaration to start of function.
2005-04-10 23:41:09 +00:00
Richard Levitte
d9bfe4f97c
Added restrictions on the use of proxy certificates, as they may pose
...
a security threat on unexpecting applications. Document and test.
2005-04-09 16:07:12 +00:00
Nils Larsch
f763e0b5ae
make sure error queue is totally emptied
...
PR: 359
2005-04-07 22:53:35 +00:00
Andy Polyakov
9f2027e56d
Implement OPENSSL_showfatal and make it Win32 GUI and service aware
...
[meaning that it will detect in which context application is running
and either write message to stderr, post a dialog or log an event].
2005-04-07 18:39:45 +00:00
Andy Polyakov
e1d51de41f
Harmonize cygwin/mingw and VC targets.
2005-04-07 15:51:55 +00:00
Andy Polyakov
81ee80ab88
+45% RC4 performance boost on Intel EM64T core. Unrolled loop providing
...
further +35% will follow...
Submitted by: Zou Nanhai
2005-04-06 09:45:42 +00:00
Nils Larsch
70f34a5841
some const fixes and cleanup
2005-04-05 10:29:43 +00:00
Nils Larsch
c2e40d0f9a
remove unused recp method
2005-04-04 18:15:59 +00:00
Andy Polyakov
0abfd60604
Extend Solaris x86 support to amd64.
2005-04-04 17:10:53 +00:00
Andy Polyakov
e5dbccc182
Solaris x86 linker erroneously pads .init segment with zeros instead of
...
nops, which causes SEGV at startup. So I don't align anymore.
2005-04-04 17:07:16 +00:00
Andy Polyakov
f8fa22d826
Some non-GNU compilers (such as Sun C) define __i386.
2005-04-04 17:05:06 +00:00
Andy Polyakov
60fd574cdf
Make bn/asm/x86_64-gcc.c gcc4 savvy. +r is likely to be initially
...
introduced for a reason [like bug in initial gcc port], but proposed
=&r is treated correctly by senior 3.2, so we can assume it's safe now.
PR: 1031
2005-04-03 18:53:29 +00:00
Ben Laurie
73705abc34
If input is bad, we still need to clear the buffer.
2005-04-03 16:38:22 +00:00
Dr. Stephen Henson
7bdf8eed69
Typo
2005-04-01 21:56:15 +00:00
Ben Laurie
8bb826ee53
Consistency.
2005-03-31 13:57:54 +00:00
Ben Laurie
45d10efc35
Simplicate and add lightness.
2005-03-31 10:55:55 +00:00
Ben Laurie
41a15c4f0f
Give everything prototypes (well, everything that's actually used).
2005-03-31 09:26:39 +00:00
Nils Larsch
fea4280a8b
fix header
2005-03-30 21:38:29 +00:00
Ben Laurie
42ba5d2329
Blow away Makefile.ssl.
2005-03-30 13:05:57 +00:00
Ben Laurie
0821bcd4de
Constification.
2005-03-30 10:26:02 +00:00
Nils Larsch
c01d2b974e
when building with OPENSSL_NO_DEPRECATED defined BN_zero is a macro
...
which cannot be evaluated in an if statement
2005-03-28 15:06:29 +00:00
Ulf Möller
7a8c728860
undo Cygwin change
2005-03-24 00:14:59 +00:00
Nils Larsch
41e455bfc4
test, remove unnecessary const cast
2005-03-22 17:55:18 +00:00
Ulf Möller
130db968b8
Use Windows randomness code on Cygwin
2005-03-19 11:39:17 +00:00
Ulf Möller
8d274837e5
fix breakage for Perl versions that do boolean operations on long words
2005-03-19 11:13:30 +00:00
Bodo Möller
9f6715d4bb
"make depend". This takes into account the algorithms that are now
...
disabled by default (MDC2 and RC5), which until now were skipped
by "make links" and yet supposedly required by some of the Makefiles,
meaning that the recent snapshots failed to compile.
Problem reported by Nils Larsch.
2005-03-13 19:49:47 +00:00
Andy Polyakov
1642000707
Cygwin to use DSO_FLFCN and mingw to use DSO_WIN32.
2005-03-12 11:28:41 +00:00
Andy Polyakov
f7f2125522
Avoid re-build avalanches with HP-UX make.
2005-03-12 09:12:44 +00:00
Bodo Möller
2b61034b0b
fix potential memory leak when allocation fails
...
PR: 801
Submitted by: Nils Larsch
2005-03-11 09:01:24 +00:00
Bodo Möller
80c808b90b
Fix typo
...
PR: 1017
Submitted by: ciresh@yahoo.com
Reviewed by: Nils Larsch
2005-03-09 19:08:02 +00:00
Lutz Jänicke
f69a8aebab
Fix hang in EGD/PRNGD query when communication socket is closed
...
prematurely by EGD/PRNGD.
PR: 1014
Submitted by: Darren Tucker <dtucker@zip.com.au>
2005-02-19 10:19:07 +00:00
Dr. Stephen Henson
9d10b15ef9
Fix possible memory leak.
2005-02-14 21:53:24 +00:00
Andy Polyakov
da30c74a27
Remove unused assembler modules.
2005-02-06 13:43:02 +00:00
Andy Polyakov
67ea999d4a
This patch was "ignited" by OpenBSD 3>=4 support. They've switched to ELF
...
and GNU binutils, but kept BSD make... And I took the opportunity to
unify other targets to this common least denominator...
2005-02-06 13:23:34 +00:00
Richard Levitte
8c3c570134
The first argument to load_iv should really be a char ** instead of an
...
unsigned char **, since it points at text.
Thanks to Nils Larsch <nils.larsch@cybertrust.com> for pointing out
the inelegance of our code :-)
2005-01-27 11:42:28 +00:00
Richard Levitte
bf746f0f46
Check for errors from EVP_VerifyInit_ex(), or EVP_VerifyUpdate might
...
cause a segfault... This was uncovered because EVP_VerifyInit() may fail
in FIPS mode if the wrong algorithm is chosen...
2005-01-27 01:49:25 +00:00
Richard Levitte
a229e3038e
Get rid if the annoying warning
2005-01-27 01:47:31 +00:00
Andy Polyakov
fbdce13e5a
Please BSD make...
2005-01-25 22:09:11 +00:00
Andy Polyakov
e532a6c449
FreeBSD 5 refuses to #include <malloc.h>. Fix compiler warning after
...
http://cvs.openssl.org/chngview?cn=12843 .
2005-01-25 22:07:22 +00:00
Andy Polyakov
8359421d90
Default to AES u32 being unsinged int and not long. This improves cache
...
locality on 64-bit platforms (and fixes IA64 assembler-empowered build:-).
The choice is guarded by newly introduced AES_LONG macro, which needs
to be defined only on 16-bit platforms which we don't support (not that
I know of). Meaning that one could as well skip long option altogether.
2005-01-24 14:22:05 +00:00
Andy Polyakov
efde5230f1
Improve ECB performance (48+14*rounds -> 18+13*rounds) and reserve for
...
hand-coded zero-copy AES_cbc_encrypt.
2005-01-24 14:14:53 +00:00
Andy Polyakov
bac252a5e3
Bug-fix in CBC encrypt tail processing and commentary section update.
2005-01-20 10:33:37 +00:00
Andy Polyakov
addb6e16a8
Throw in AES CBC assembler, up to +40% on aes-128-cbc benchmark.
2005-01-18 01:04:41 +00:00
Andy Polyakov
ed65fab910
Reserve for AES CBC assembler implementation...
2005-01-18 00:43:32 +00:00
Andy Polyakov
90cc40911b
Don't zap AES CBC IV, when decrypting truncated content in place.
2005-01-18 00:26:52 +00:00
Richard Levitte
a7201e9a1b
Changes concering RFC 3820 (proxy certificates) integration:
...
- Enforce that there should be no policy settings when the language
is one of id-ppl-independent or id-ppl-inheritAll.
- Add functionality to ssltest.c so that it can process proxy rights
and check that they are set correctly. Rights consist of ASCII
letters, and the condition is a boolean expression that includes
letters, parenthesis, &, | and ^.
- Change the proxy certificate configurations so they get proxy
rights that are understood by ssltest.c.
- Add a script that tests proxy certificates with SSL operations.
Other changes:
- Change the copyright end year in mkerr.pl.
- make update.
2005-01-17 17:06:58 +00:00
Dr. Stephen Henson
fcd5cca418
PKCS7_verify() performance optimization. When the content is large and a
...
memory BIO (for example from SMIME_read_PKCS7 and detached data) avoid lots
of slow memory copies from the memory BIO by saving the content in a
temporary read only memory BIO.
2005-01-14 17:52:24 +00:00
Andy Polyakov
e6d27baf52
Rely on e_os.h to appropriately define str[n]casecmp in non-POSIX
...
environments.
2005-01-13 15:46:09 +00:00
Andy Polyakov
e7e1150706
"Monolithic" x86 assembler replacement for aes_core.c. Up to +15% better
...
performance on recent microarchitectures.
2005-01-13 15:35:44 +00:00
Andy Polyakov
5d727078ac
Fix an "oops" typo! Well, it was a debugging left-over...
2005-01-13 15:25:30 +00:00
Andy Polyakov
108159ffcc
O_NOFOLLOW is not appropriate when opening /dev/* entries on Solaris.
...
PR: 998
2005-01-13 15:20:42 +00:00
Richard Levitte
b15a93a9c5
Correct a faulty address assignment, and add a length check (not
...
really needed now, but may be needed in the future, who knows?).
2005-01-12 09:53:20 +00:00
Andy Polyakov
7de4b5b060
Permit "monolithic" AES assembler implementations, i.e. such which would
...
replace *whole* aes_core.c, not only AES_[de|en]crypt routines.
2005-01-09 16:01:58 +00:00
Andy Polyakov
02a00bb054
DJGPP update.
...
PR: 989
Submitted by: Doug Kaufman
2005-01-04 10:28:38 +00:00
Andy Polyakov
3b4de6e4cc
Borrow #include <string[s].h> from e_os.h.
2004-12-31 00:00:05 +00:00
Andy Polyakov
bdbc9b4d1a
Make whiny compilers stop complaining about missing prototype.
2004-12-30 23:40:31 +00:00
Andy Polyakov
25866e3982
Commentary update for AES IA-64 assembler module.
2004-12-30 10:55:02 +00:00
Andy Polyakov
3b3df98ca6
Minor AES x86 assembler tune-up.
2004-12-30 10:46:03 +00:00
Andy Polyakov
2e4a99f38b
AES-CFB[18] 2x optimization. Well, I bet nobody cares about AES-CFB1
...
performance, but anyway...
2004-12-30 10:43:33 +00:00
Andy Polyakov
f1ce306f30
Oops-kind typos in aes-ia64.S...
2004-12-28 17:10:42 +00:00
Richard Levitte
37b11ca78e
iv needs to be const because it sometimes takes it's value from a
...
const.
2004-12-28 10:35:13 +00:00
Richard Levitte
a17af9e277
Forgot to synchronise the VMS build scripts.
2004-12-28 10:22:00 +00:00
Richard Levitte
6951c23afd
Add functionality needed to process proxy certificates.
2004-12-28 00:21:35 +00:00
Andy Polyakov
de421076a5
Minor cygwin update.
...
PR: 949
2004-12-27 21:27:46 +00:00
Andy Polyakov
9850f7f6b2
Remove yet another redundant memcpy. Not at least performance critical,
...
essentially cosmetic modification...
2004-12-26 13:05:40 +00:00
Andy Polyakov
131e064e4a
Eliminate redundant memcpy of IV material. Performance improvement varies
...
from platform to platform and can be as large as 20%.
2004-12-26 12:31:37 +00:00
Andy Polyakov
556b8f3f77
Engage AES x86 assembler module for COFF and a.out targets.
2004-12-26 10:58:39 +00:00
Andy Polyakov
045d3285e2
Engage AES x86 assembler module on ELF platforms.
2004-12-23 21:44:28 +00:00
Andy Polyakov
d1df5b4339
x86 perlasm update to accomodate aes-586.pl.
2004-12-23 21:43:25 +00:00
Andy Polyakov
25558bf743
Eliminate copies of TeN and TdN, use those found in assembler module.
2004-12-23 21:40:23 +00:00
Andy Polyakov
713147109c
AES x86 assembler implementation.
2004-12-23 21:32:34 +00:00
Andy Polyakov
76ef6ac956
Refine PowerPC platform support.
2004-12-20 13:44:34 +00:00
Dr. Stephen Henson
a842df6659
Remove unused buffer 'buf'.
2004-12-20 00:49:36 +00:00
Richard Levitte
fbf218b8c3
make update (oops, missed this file)
2004-12-13 22:57:39 +00:00
Richard Levitte
3c97bd833b
Change libeay.num so it's synchronised with additions in 0.9.7-stable.
...
make update
2004-12-13 22:57:08 +00:00
Dr. Stephen Henson
5e8904f289
Remove duplicate lines.
2004-12-12 13:15:49 +00:00
Andy Polyakov
0c0788ba0a
Solaris x86 perlasm update.
2004-12-10 11:24:42 +00:00
Andy Polyakov
905fd45b36
Engage SHA1 IA64 assembler on IA64 platforms.
2004-12-09 15:39:55 +00:00
Dr. Stephen Henson
c162b132eb
Automatically mark the CRL cached encoding as invalid when some operations
...
are performed.
2004-12-09 13:35:06 +00:00
Andy Polyakov
b4e0ce5165
SHA1 assembler for IA-64.
2004-12-09 11:57:38 +00:00
Andy Polyakov
17f0e916db
Extend RC4 test.
2004-12-07 11:55:56 +00:00
Dr. Stephen Henson
41c70d47d7
Remaing bits of PR:620 relevant to 0.9.8.
2004-12-05 01:50:56 +00:00
Dr. Stephen Henson
a0e7c8eede
Add lots of checks for memory allocation failure, error codes to indicate
...
failure and freeing up memory if a failure occurs.
PR:620
2004-12-05 01:03:15 +00:00
Dr. Stephen Henson
3e66ee9f01
In by_file.c check last error for no start line, not first error.
2004-12-04 21:25:51 +00:00
Dr. Stephen Henson
8f284faaec
V1 certificates that aren't self signed can't be accepted as CAs.
2004-12-03 00:10:34 +00:00
Andy Polyakov
f774accdbf
Fix rc4-ia64.S to pass more exhaustive regression tests.
2004-12-02 10:07:55 +00:00
Dr. Stephen Henson
8544a80776
Add couple of OIDs. Resync NIDs for consistency with 0.9.7.
2004-12-01 18:09:53 +00:00
Andy Polyakov
7c69478064
I've introduced a bug to i386 RC4 assembler, which would emerge with
...
certain mix of calls to RC4 routine not covered by rc4test.c.
It's fixed now. In addition this patch inadvertently fixes minor
performance problem: in 0.9.7 context P4 was performing 12% slower
than the original implementation...
2004-12-01 15:28:18 +00:00
Dr. Stephen Henson
1862dae862
Perform partial comparison of different character types in X509_NAME_cmp().
2004-12-01 01:45:30 +00:00
Andy Polyakov
b7b46c9a87
Add 0.9.7 specific comments to RC4 assembler modules.
2004-11-30 15:46:46 +00:00
Richard Levitte
5073ff0346
Split X509_check_ca() into a small self and an internal function
...
check_ca(), to resolve constness issue. check_ca() is called from the
purpose checkers instead of X509_check_ca(), since the stuff done by
the latter (except for calling check_ca()) is also done by
X509_check_purpose().
2004-11-30 12:18:55 +00:00
Andy Polyakov
fc7fc5678f
sha1_block_asm_data_order can't hash if message crosses 2GB boundary.
2004-11-29 21:19:56 +00:00
Andy Polyakov
7a3240e319
Final touches to rc4/asm/rc4-596.pl, +52% better performance on AMD core.
2004-11-29 21:12:58 +00:00
Richard Levitte
30b415b076
Make an explicit check during certificate validation to see that the
...
CA setting in each certificate on the chain is correct. As a side-
effect always do the following basic checks on extensions, not just
when there's an associated purpose to the check:
- if there is an unhandled critical extension (unless the user has
chosen to ignore this fault)
- if the path length has been exceeded (if one is set at all)
- that certain extensions fit the associated purpose (if one has been
given)
2004-11-29 11:28:08 +00:00
Andy Polyakov
914c2a28c0
perlasm/x86[ms|nasm] update to accomodate updated RC4 assembler module.
2004-11-27 15:14:58 +00:00
Andy Polyakov
bc3e7fabe7
Engage RC4 IA-64 assembler module.
2004-11-26 15:12:17 +00:00
Andy Polyakov
d675c74d14
RC4 IA-64 assembler implementation.
2004-11-26 15:07:50 +00:00
Dr. Stephen Henson
9d2996b82f
Check return code of EVP_CipherInit() in PKCS#12 code.
2004-11-24 01:21:03 +00:00
Andy Polyakov
959f9b1158
linux-x86_64 didn't link after EM64T RC4 tune-up...
2004-11-23 09:06:12 +00:00
Andy Polyakov
376729e130
RC4 tune-up for Intel P4 core, both 32- and 64-bit ones. As it's
...
apparently impossible to compose blended code with would perform
satisfactory on all x86 and x86_64 cores, an extra RC4_CHAR
code-path is introduced and P4 core is detected at run-time. This
way we keep original performance on non-P4 implementations and
turbo-charge P4 performance by factor of 2.8x (on 32-bit core).
2004-11-21 10:36:25 +00:00
Andy Polyakov
68d9e764cb
As was shown by Marc Bevand reordering of couple of load operations
...
results in even higher performance gain of 3.3x:-) At least on
Opteron...
2004-11-09 17:23:26 +00:00
Richard Levitte
a2ac429da2
Don't use $(EXHEADER) directly in for loops, as most shells will break
...
if $(EXHEADER) is empty.
Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-11-02 23:55:01 +00:00
Richard Levitte
1a4b8e7cee
Make sure memmove() is defined, even on SunOS 4.1.4.
...
PR: 963
2004-11-01 07:58:38 +00:00
Geoff Thorpe
58ae65cd1a
Update ECDSA and ECDH for OPENSSL_NO_ENGINE.
...
Reported by: Maxim Masiutin
Submitted by: Nils Larsch
2004-10-21 00:06:14 +00:00
Richard Levitte
5b0f1f7d13
Because libraries on Windows lack useful version information, the zlib
...
guys had to change the name to differentiate with older versions when
a backward incompatibility came up. Of course, we need to adapt.
This change simply tries to load the library through the newer name
(ZLIB1) first, and if that fails, it tries the good old ZLIB.
2004-10-14 05:48:59 +00:00
Dr. Stephen Henson
785e827323
Oops!
2004-10-04 17:28:31 +00:00
Dr. Stephen Henson
2f605e8d24
Fix race condition when CRL checking is enabled.
2004-10-04 16:30:12 +00:00
Dr. Stephen Henson
175ac6811a
Don't use C++ reserved work "explicit".
2004-10-01 11:21:53 +00:00
Andy Polyakov
07d488daf6
Fix Solaris 10_x86 shared build. -Bsymbolic is required to avoid
...
"remaining relocations" in assembler modules. The latter seems to
be new behaviour, elder as/ld managed to resolve this relocations
as internal. It's possible to address this problem differently,
but I settle for -Bsymbolic...
PR: 546
2004-09-28 20:45:10 +00:00
Richard Levitte
c38ff58b6b
Move the declaration of alloca() so it's ony declared when really
...
necessary.
2004-09-27 21:59:44 +00:00
Andy Polyakov
c29ef588dc
SHA1 asm Pentium tune-up. Performance loss is not as bad anymore.
2004-09-27 09:37:03 +00:00
Andy Polyakov
968c31bd84
sha256_block advances the input pointer double as fast sometimes. Fix the
...
bug and test that it's actually gone.
PR: 950
2004-09-27 09:35:59 +00:00
Geoff Thorpe
c743966156
Nils Larsch reported that this include is required. Strange that this had
...
gone unnoticed ...
2004-09-24 23:37:52 +00:00
Richard Levitte
bb09fd2bb6
Import changed files from LPlib. The changes are logged as follows
...
for LPdir_unix.c in LPlib. For the other files, only the last log
entry applies.
----------------------------
revision 1.11
date: 2004/09/23 22:07:22; author: _cvs_levitte; state: Exp; lines: +20 -6
Define my own macro LP_ENTRY_SIZE to express the size of my own
buffering of directory entries, and make it depend on whichever comes
first of PATH_MAX and NAME_MAX. As a fallback, make sure it's set to
255 if neither PATH_MAX or NAME_MAX were defined. Also, if the size
given from PATH_MAX or NAME_MAX is less than 255, force LP_ENTRY_SIZE
to be 255.
It makes no harm whatsoever if LP_ENTRY_SIZE is larger than the
maximum local path name limit. It does make a lot of harm if
LP_ENTRY_SIZE is smaller. 255 seemed like a fairly acceptable default
when nothing else is available.
----------------------------
revision 1.10
date: 2004/08/26 13:36:05; author: _cvs_levitte; state: Exp; lines: +13 -13
License correction. I am not REGENTS, just a COPYRIGHT HOLDER.
----------------------------
2004-09-23 22:11:39 +00:00
Geoff Thorpe
280eb33b59
Remove distracting comments and code. Thanks to Nils for picking up on the
...
outstanding ticket.
PR: 926
2004-09-19 04:55:15 +00:00
Geoff Thorpe
f79110c633
Two TODO comments taken care of. Nils pointed out that one of them had already
...
been done, and took care of the other one (which hadn't).
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
2004-09-19 04:43:46 +00:00
Geoff Thorpe
6ef2ff62fc
Make -Werror happy again.
2004-09-18 01:32:32 +00:00
Dr. Stephen Henson
980aea7860
Check ASN1_TYPE structure type is a SEQUENCE in PKCS7_get_smimecap().
2004-09-15 23:47:25 +00:00
Dr. Stephen Henson
bd9327baa9
Change values of MBSTRING_* to the form MBSTRING_FLAG|nbyte as assumed
...
in ASN1_STRING_to_UTF8().
2004-09-13 22:33:56 +00:00
Richard Levitte
6f9bafafa3
- There's no more need for the snprintf macro.
...
- Move the inclusion of malloc.h until after all other includes, so we
can do proper tests of system macros.
- Make sure the correct header file is included to get the builtin
"alloca" under VMS, and define a macro to map the symbol 'alloca' to
it.
2004-09-13 09:15:06 +00:00
Richard Levitte
422a4a33a5
Synchronise with Unix build.
2004-09-12 13:02:04 +00:00
Dr. Stephen Henson
58606421ae
When looking for request extensions in a certificate look first
...
for the PKCS#9 OID then the non standard MS OID.
2004-09-10 20:20:54 +00:00
Richard Levitte
d813ff2ac1
make update
2004-09-10 10:30:33 +00:00
Andy Polyakov
36734b2bab
Make VIA Padlock engine more platform friendly and eliminate compiler
...
warning.
Submitted by: Doug Kaufman <dkaufman@rahul.net>
2004-09-09 14:54:12 +00:00
Andy Polyakov
c85c5c408a
x86 assembler updates: more instructions, new OPENSSL_instrument_halt
...
[for DJGPP]...
2004-09-09 14:50:32 +00:00
Richard Levitte
2c1677d703
Synchronise VMS build files with Unixly Makefiles.
2004-09-08 08:13:34 +00:00
Richard Levitte
72348cbb8d
Another symbol longer than 31 characters...
2004-09-08 08:13:03 +00:00
Dr. Stephen Henson
5d7c222db8
New X509_VERIFY_PARAM structure and associated functionality.
...
This tidies up verify parameters and adds support for integrated policy
checking.
Add support for policy related command line options. Currently only in smime
application.
WARNING: experimental code subject to change.
2004-09-06 18:43:01 +00:00
Dr. Stephen Henson
d993addbed
Stop compiler warnings.
2004-09-06 18:37:46 +00:00
Andy Polyakov
16760a3089
Proper support for OpenBSD-i386 shared build, including assember modules!
...
"Proper" means "compiles and passes test." Versioning is broken (I think).
2004-08-29 21:36:37 +00:00
Andy Polyakov
2b247cf81f
OPENSSL_ia32cap final touches. Note that OPENSSL_ia32cap is no longer a
...
symbol, but a macro expanded as (*(OPENSSL_ia32cap_loc())). The latter
is the only one to be exported to application.
2004-08-29 16:36:05 +00:00
Andy Polyakov
746fc2526f
Fix compiler warnings in crypto/evp/bio_ok.c as pointed out by Geoff.
2004-08-29 16:19:27 +00:00
Andy Polyakov
a8c65b400c
crypto/perlasm update primarily to unify Netware modules. Once it's verified
...
x86*_nw.pl will be deleted. In addition this update implements initseg
on several additional [in addition to ELF] platforms. Functions registered
with initseg are supposed to be called prior main().
2004-08-29 16:10:27 +00:00
Andy Polyakov
526975906b
Minor VIA Padlock engine update: eliminate -Wunused warning when *not*
...
compiling the engine and inline memcpy in performance critical pathes.
2004-08-24 09:01:09 +00:00
Andy Polyakov
14fa6ad9f9
Make aes_ctr.c 64-bit savvy.
2004-08-23 22:19:51 +00:00
Richard Levitte
bb1a915c24
Basically, I wanted to be able to make a dump to a FILE*, and not have
...
to bother creating a BIO around it. So here's a few more functions to
make it possible to make the dump using a printing callback, and to
print to a FILE* (based on the callback variant), done in the same
style as the functions in crypto/err/err_prn.c.
2004-08-11 21:13:57 +00:00
Dr. Stephen Henson
e08aad1d14
Make ASN1_INTEGER_cmp() work as expected with negative integers.
2004-08-10 17:40:14 +00:00
Dr. Stephen Henson
c128bb0fa2
Don't ignore return value of EVP_DigestInit_ex() in md BIOs and dgst utility.
2004-08-05 18:09:50 +00:00
Andy Polyakov
b88606c28e
Padlock engine update to fix a typo in MSC assembler and to address
...
potential corruption problem if user manages to inter-leave aligined
and misaligned requests [as well as some MSC-specific tweaks].
2004-08-04 12:58:26 +00:00
Richard Levitte
2ea6abf6e5
DJGPP has opendir() and friends, according to Gisle Vanem <giva@bgnett.no>.
2004-08-03 19:15:21 +00:00
Andy Polyakov
42096e05f7
Avoid a.out name table pollition.
2004-08-02 22:02:17 +00:00
Andy Polyakov
7d15a556f8
Minor clean-up to make Microsoft compiler shut up.
2004-08-02 21:54:40 +00:00
Andy Polyakov
5b17246324
VIA C3 processor extends IA-32 instruction set with instuctions
...
performing AES encryption in hardware, as well as one accessing
hardware RNG. As you surely imagine this engine access this
extended instruction set. Well, only AES for the moment, support
for RNG is to be added later on...
PR: 889
Submitted by: Michal Ludvig <michal@logix.cz>
Obtained from: http://www.logix.cz/michal/devel/padlock/
2004-08-02 21:48:11 +00:00
Andy Polyakov
c77094415f
Cygwin fix-up for shared build.
2004-08-01 21:24:34 +00:00
Andy Polyakov
34413fca84
OpenBSD fix-up for new a.out targets. OpenBSD .s.o rule is busted...
2004-08-01 21:16:26 +00:00
Andy Polyakov
ec38ddc765
Clean-up GAS targets: get rid of "cpp" stuff and replace it with "purified"
...
COFF and a.out targets [similar to ELF targets]. You might notice some
rudementary support for shared mingw builds under cygwin. It works (it
produces cryptoeay32.dll and ssleay32.dll with everything exported by
name), but it's primarily for testing/debugging purposes, at least for
now...
2004-08-01 17:33:58 +00:00
Andy Polyakov
8aae01e223
Deprecate cpp and gaswin targets. New coff fills in for gaswin, but cpp is
...
going out...
2004-08-01 17:03:50 +00:00
Andy Polyakov
00555c2f2f
DLLEntryPoint is a collective name, not what linker looks for. However,
...
if we explicitly intruct the linker to set entry point, then we become
obliged to initialize run-time library. Instead we can pick name run-time
will call and such name is DllMain. Note that this applies to both
"native" Win32 environment and Cygwin:-)
2004-08-01 14:27:43 +00:00
Richard Levitte
07d80f6f35
We build the crypto stuff, not the ssl stuff, in this command procedure...
2004-07-29 22:25:59 +00:00
Dr. Stephen Henson
a25aca2943
Oops, wrong version...
2004-07-27 00:19:58 +00:00
Dr. Stephen Henson
48c524827b
Add FIPS library name to error routines.
2004-07-27 00:19:18 +00:00
Andy Polyakov
ebaec63e3e
This is so to say "damage control" for jumbo "cpuid" patch, see
...
http://cvs.openssl.org/chngview?cn=12493 . Now all platform should
be operational, while SSE2 code pathes get engaged on ELF platforms
only.
2004-07-26 22:01:50 +00:00
Andy Polyakov
14e21f863a
Add framework for yet another assembler module dubbed "cpuid." Idea
...
is to have a placeholder to small routines, which can be written only
in assembler. In IA-32 case this includes processor capability
identification and access to Time-Stamp Counter. As discussed earlier
OPENSSL_ia32cap is introduced to control recently added SSE2 code
pathes (see docs/crypto/OPENSSL_ia32cap.pod). For the moment the
code is operational on ELF platforms only. I haven't checked it yet,
but I have all reasons to believe that Windows build should fail to
link too. I'll be looking into it shortly...
2004-07-26 20:18:55 +00:00
Andy Polyakov
f10725a6e1
Zero key-length for HMAC is apparently OK.
2004-07-25 20:24:49 +00:00
Andy Polyakov
0f71b77d5c
Make bio_ok.c Microsoft compiler savvy.
2004-07-25 20:13:30 +00:00
Andy Polyakov
d6bb6a88be
Typos, typos...
2004-07-25 20:09:56 +00:00
Andy Polyakov
3205db2bfe
Make bio_ok.c 64-bit savvy.
2004-07-25 19:37:41 +00:00
Andy Polyakov
6f86850eec
Stricter boundary condition check in HMAC_Init_ex.
2004-07-25 19:25:05 +00:00
Andy Polyakov
16ab8a93bc
Minor 64-bit md32_common.h update and minor unsignification of digests.
2004-07-25 19:10:43 +00:00
Andy Polyakov
fbf96849e9
Make SHA-256/-512 optional. Note that no-sha switches off *all* SHA.
2004-07-25 18:25:24 +00:00
Andy Polyakov
d70e2507f8
Some compilers are just too whiny. Nothing makes Microsoft compiler
...
stop complaining about loss of precision, but explicit cast.
2004-07-25 17:00:56 +00:00
Andy Polyakov
2fcf435d73
Some compilers are just too whiny. DEC C doesn't like long long...
2004-07-25 16:54:08 +00:00
Andy Polyakov
da2ee71de5
Typos and due casts. As for the latter. It's "safe" to cast as below,
...
because "wrong" casts will either be optimized away or never performed.
2004-07-25 16:48:28 +00:00
Andy Polyakov
33c3ecf741
Build-n-link new IA-64 modules on Linux and HP-UX.
2004-07-23 23:27:10 +00:00
Andy Polyakov
5bd4c26057
Various IA-64 assembler fix-ups.
2004-07-23 22:54:18 +00:00
Andy Polyakov
afe67fb28e
Adapt rc4-amd64.pl for Win64/AMD64 assembler.
2004-07-23 17:51:17 +00:00
Richard Levitte
f744f92adb
From LPlib:
...
Apparently, the length *including* the NUL byte should be used.
Contributed by Andy Polyakov <appro@fy.chalmers.se>
2004-07-22 18:34:06 +00:00
Richard Levitte
75f134c077
From LPlib:
...
Make a nicer comment, as we don't really know for sure that it's
really needed, and just want to play on the safe side.
Suggest by Andy Polyakov <appro@fy.chalmers.se>
2004-07-22 13:00:14 +00:00
Andy Polyakov
f1bdf1d518
#include <limits.h> is required at least on HP-UX and IRIX. And what's
...
with HP-UX offering 14 for NAME_MAX?
2004-07-22 10:53:26 +00:00
Andy Polyakov
d58caee734
EVP_Digest is size_t-fied, clean up test programs accordingly.
2004-07-22 10:25:52 +00:00
Andy Polyakov
e39c2548f5
Run SHA-256/-512 tests through EVP...
2004-07-22 10:21:13 +00:00
Andy Polyakov
8169dd73f9
All SIXTY_FOUR_BIT platforms (mind the difference between SIXTY_FOUR_BIT and
...
SIXTY_FOUR_BIT_LONG) were failing to pass 'cd test; make test_bn'.
2004-07-22 09:32:11 +00:00
Richard Levitte
765e231a7c
From LPlib:
...
Some code beautification.
Change the macro CP_THREAD_ACP to CP_ACP, because the latter is more
widely defined.
Add a conditional macro definition in case FindFirstFile and
FindNextFile aren't properly defined (might happen on WinCE).
Suggested by Andy Polyakov <appro@fy.chalmers.se>
2004-07-21 21:16:21 +00:00
Andy Polyakov
89c53672c2
Make rand_win.c UNICODE savvy.
2004-07-21 17:17:30 +00:00
Richard Levitte
64ba6cf222
From LPlib:
...
Windows changes that detects if multibyte characters are available and
deals with them properly.
Contributed by Andy Polyakov <appro@fy.chalmers.se>
2004-07-20 21:24:43 +00:00
Richard Levitte
210a4f78ae
Imported from LPlib, making sure the entry name (at least on Unix) is
...
NUL-teminated at all times, and that we don't make unneeded calls to
free().
2004-07-19 16:36:28 +00:00
Richard Levitte
334ef04949
Since version 7.0, The C RTL in VMS handles time in terms of UTC
...
instead of local time.
2004-07-19 07:50:43 +00:00
Andy Polyakov
859ceeeb51
Anchor AES and SHA-256/-512 assembler from C.
2004-07-18 17:26:01 +00:00
Andy Polyakov
d0590fe6b2
Add anchors for AES, SHA-256/-512 assembler modules and SSE2 code pathes.
...
I also used this opportunity to clean up some out-of-date targets and
re-group targets by OS.
2004-07-18 16:19:34 +00:00
Andy Polyakov
2232b10f5a
Add licensing terms.
2004-07-17 13:24:58 +00:00
Andy Polyakov
e34794dd1b
IA-64 is intolerant to misaligned access. It was a problem on Win64 as
...
we were mislead by _MSC_VER macro, which is defined by *all* Windows
Microsoft compilers.
2004-07-17 12:55:55 +00:00
Geoff Thorpe
0210065bbd
Quick fix.
...
Submitted by: Nils Larsch
2004-07-16 03:24:51 +00:00
Geoff Thorpe
7f5b4dd1e8
Using Horner's algorithm to evaluate the ec polynomial
...
(suggested by Adam Young <ayoung@cigital.com>)
Submitted by: Nils Larsch
2004-07-16 03:24:19 +00:00
Richard Levitte
5906e8d5fe
I think it could be a good thing to know what went wrong with the tests...
2004-07-12 12:25:54 +00:00
Richard Levitte
2b002273f3
'SSL_add_dir_cert_subjects_to_stack' is longer than 31 characters.
...
Lucky me, I had prepared for this :-).
2004-07-11 20:22:37 +00:00
Richard Levitte
15d155e45a
o_dir needs to be compiler with the warnings about dollar signs in
...
identities disabled.
2004-07-11 20:21:56 +00:00
Richard Levitte
b0841348b6
In some cases, EVMSERR isn't visible (that's fairly new...).
...
Don't have a constant that you're going to assign to, that's just
plain stupid (I was the stupidhead here...).
2004-07-11 20:21:19 +00:00
Andy Polyakov
090e81d4aa
Integration of RC4 AMD64 module.
2004-07-11 16:49:09 +00:00
Andy Polyakov
e4528e48e3
RC4 tune-up for AMD64. Performance improvement of 2.22x is measured for
...
linux-x86_64 target.
2004-07-11 16:44:07 +00:00
Richard Levitte
a2400fcab8
Copy a few files from LPlib (a new project of mine), add a wrapper.
...
Now we have directory reading capabilities for VMS as well, and all
of it in a fairly general manner.
2004-07-10 13:16:02 +00:00
Richard Levitte
dc56eb5079
o_str.c: Windows doesn't have <strings.h>, and since we use _strnicmp() and
...
_stricmp() on that platform, use the appropriate header file for it,
<string.h>.
o_str.h: we only want to get size_t, which is defined in <stddef.h>.
Philippe Bougeret <philippe.bougeret@freesbee.fr> notified us about Windows
not having a <strings.h>
2004-07-08 08:32:48 +00:00
Dr. Stephen Henson
637ff35ef6
Delta CRL support in extension code.
2004-07-06 17:16:40 +00:00
Geoff Thorpe
ace3ebd661
Improve error handling if decompression of an ec point fails, and cleanup
...
ec_curve.c (unify comments, etc).
Submitted by: Nils Larsch
Reviewed by: Bodo Moeller, Geoff Thorpe
2004-07-06 15:50:04 +00:00
Dr. Stephen Henson
eea674567c
Delete non-POSIX header file.
2004-07-04 16:48:27 +00:00
Dr. Stephen Henson
c39c32dd65
PKCS#8 fixes from stable branch.
2004-07-04 16:44:52 +00:00
Andy Polyakov
80bbc9ceaf
Minor (+12% on P4) performance tweak for sha512_block_sse2.
2004-07-01 11:29:00 +00:00
Andy Polyakov
51ce5230cd
AES assembler implementation for IA-64. Note that there is no anchor from
...
C code yet...
2004-07-01 11:15:23 +00:00
Andy Polyakov
b6d8ba11e9
New SHA algorithms assembler implementation for IA-64. Note that despite
...
module name both SHA-256 and SHA-512 are supported.
2004-07-01 11:13:44 +00:00
Andy Polyakov
e2f2a9af2c
New scalable bn_mul_add_words loop, which provides up to >20% overall
...
performance improvement. Make module more gcc friendly and clarify
copyright issues for division routine.
2004-07-01 11:10:38 +00:00
Richard Levitte
28a8003467
Changes for VOS, submitted by Paul Green <Paul.Green@stratus.com>.
...
PR: 499
2004-06-28 22:01:37 +00:00
Richard Levitte
47c1735acd
NetWare fixes provided by Verdon Walker for OpenSSL 0.9.8-dev.
...
The changes have been mailed to <crypt@bis.doc.gov> as well.
PR: 903
2004-06-28 11:55:28 +00:00
Geoff Thorpe
d459e39012
Tidy up, including;
...
- Remove unused and unuseful debug cruft.
- Remove unnecessary 'top' fudging from BN_copy().
- Fix a potential memory leak and simplify the expansion logic in
BN_bin2bn().
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
2004-06-20 04:16:12 +00:00
Geoff Thorpe
340f5856ec
Incomplete initial sweep over the engine code. Mainly reducing some
...
comment-noise to managable levels and inverting the sense of the "uptodate"
boolean (which was counter-intuitive the way I'd left it).
2004-06-19 03:58:42 +00:00
Geoff Thorpe
df11e1e921
Deprecate unused cruft, and "make update".
2004-06-17 23:50:25 +00:00
Geoff Thorpe
1275c4569e
Minor change to group like functions together.
2004-06-17 23:35:45 +00:00
Geoff Thorpe
afbe74d386
Actually, that last change to BN_get_word() was a little too simple.
2004-06-17 22:05:40 +00:00
Geoff Thorpe
f18ea6cae9
Get rid of signed/unsigned warnings, and teach CVS about new things to
...
ignore.
2004-06-17 20:28:28 +00:00
Geoff Thorpe
9088d5f24f
As Nils put it;
...
Yet another question: some time ago you changed BN_set_word.
Why didn't you change BN_get_word as well?
Quite. I'm also removing the older commented-out implementations to improve
readability. This complex stuff seems to date from a time when the types
didn't match up well.
Submitted by: Nils Larsch, Geoff Thorpe
2004-06-17 20:13:50 +00:00
Geoff Thorpe
cf9056cfda
BN_div_word() was breaking when called from BN_bn2dec() (actually, this is
...
the only function that uses it) because it would trip up an assertion in
bn_div_words() when first invoked. This also adds BN_div_word() testing to
bntest.
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
2004-06-17 20:03:56 +00:00
Richard Levitte
f7fc4ca1dd
Making some values explicitely unsigned was derived from ongoing work
...
that isn't yet committed. It wasn't meant to be committed already, so
I'm removing it for now.
2004-06-15 12:52:26 +00:00
Richard Levitte
132fc53223
Typo, setting the first element of nids[] to NULL instead of setting
...
*cnids.
2004-06-15 11:45:42 +00:00
Geoff Thorpe
b3b6720944
Correct the return codes for ecdsatest.
...
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
2004-06-14 23:37:32 +00:00
Andy Polyakov
385c8e89f4
SHA fails to compile on x86_64 if compiled with custom flags, without
...
recommended -DMD32_REG_T=int in particular.
PR: 893
Submitted by: Michal Ludvig <michal-list@logix.cz>
2004-06-11 17:50:57 +00:00
Geoff Thorpe
9081980565
This fixes the installation target for dynamic engines, which was trying to
...
install to a different location than it had created. (BTW, VMS will need a
matching fix in eng_list.c.) Note, these aren't ssl-specific, so I'm
putting "engines/" into the libs directory rather than at the "--prefix"
level or inside "ssl/".
2004-06-01 03:18:58 +00:00
Andy Polyakov
057cfaf2f8
Extend HMAC_MAX_MD_CBLOCK to accomodate SHA-512.
2004-05-31 13:28:23 +00:00
Richard Levitte
914d36ba19
make update
2004-05-31 13:16:08 +00:00
Andy Polyakov
31c2ac1cdc
EVP bindings to new SHA algorithms.
2004-05-31 13:14:08 +00:00
Andy Polyakov
6bca8e3886
objects.txt update for SHA-224/-256/-384/-512. SHA-224 ids still appear
...
"draft," but we have to start somewhere...
Submitted by: Nils Larsch <nlarsch@compuserve.de>
2004-05-31 13:07:19 +00:00
Andy Polyakov
31e9b9b2e9
Typo in commentary section.
2004-05-31 12:30:41 +00:00
Andy Polyakov
7997b13aa3
Final SHA-256/-512 touches. Extra md_len field in SHA[256|512]_CTX
...
reserves for truncated hash function output mode and makes SHA224
thread-safe. Next stop is integration with EVP and we're done...
2004-05-31 12:26:18 +00:00
Andy Polyakov
a2eb9688a4
Kill unused macro and reimplement it for that single context it can
...
actually be used, namely x86* platforms [because they don't bomb on
unaligned access]. This resulted in 30-40% [depending on message
length] improvement for SHA-256 compiled with gcc and running on P4.
In the lack of assembler implementation I give the compiler all the
help it can possibly get:-)
2004-05-31 12:06:27 +00:00
Richard Levitte
af2bf07404
SHA224_Update() and SHA224_Final() aren't implemented, and since
...
SHA224() uses SHA256_Update() and SHA256_Final() instead, let's just
create aliases in form of macros.
make update
2004-05-30 16:58:33 +00:00
Andy Polyakov
8d9fb0f04a
gcc -Wcast-qual clean-up.
2004-05-29 19:11:29 +00:00
Andy Polyakov
674ee8b72d
Make sure we return 0 if test passed.
2004-05-28 21:42:40 +00:00
Andy Polyakov
1809e858bb
Eliminate compiler warnings and throw in performance table.
2004-05-28 10:15:58 +00:00
Andy Polyakov
da8348e938
SHA-224 test vectors added.
2004-05-27 19:46:07 +00:00
Richard Levitte
ef16f45081
Since num is now a size_t, it's not necssary to check for less than 0,
...
AND it avoids warnings on certain systems.
2004-05-27 09:20:42 +00:00
Richard Levitte
4d692e1ba0
Synchronise VMS with the Unixly Malefiles.
2004-05-26 17:05:51 +00:00
Richard Levitte
f2bfbcef76
make update
2004-05-25 09:41:00 +00:00
Andy Polyakov
63077bd40c
SHA-256/-512 update. A bug fix, SHA-512 tune-up for AMD64, hook for SSE2
...
code, Makefile update.
2004-05-20 21:24:41 +00:00
Andy Polyakov
df364f1b00
Stress collector/padding function.
2004-05-20 21:20:19 +00:00
Andy Polyakov
bc767216d9
Final API adaptation. Final, "all openssl" performance numbers [not mixture
...
of different implementations]. Real-life performance improvement is rated
at 2-3x, not 6x as preliminary announced.
2004-05-20 21:18:09 +00:00
Dr. Stephen Henson
eda52e175a
Delete obsolete and unimplemented function.
2004-05-19 17:05:02 +00:00
Richard Levitte
c4fc8b5bf4
X509_policy_lib_init is declared but not defined, so it raises havoc
...
when trying to build a shared library on VMS or Windows...
2004-05-19 14:19:51 +00:00
Geoff Thorpe
9c52d2cc75
After the latest round of header-hacking, regenerate the dependencies in
...
the Makefiles. NB: this commit is probably going to generate a huge posting
and it is highly uninteresting to read.
2004-05-17 19:26:06 +00:00
Geoff Thorpe
0f814687b9
Deprecate the recursive includes of bn.h from various API headers (asn1.h,
...
dh.h, dsa.h, ec.h, ecdh.h, ecdsa.h, rsa.h), as the opaque bignum types are
already declared in ossl_typ.h. Add explicit includes for bn.h in those C
files that need access to structure internals or API functions+macros.
2004-05-17 19:14:22 +00:00
Geoff Thorpe
298a2f9e58
Because of recent reductions in header interdependencies, these files need
...
to include crypto.h directly.
2004-05-17 19:01:15 +00:00
Geoff Thorpe
ac0d0a5ecd
I can't verify this directly, but recent changes will probably require that
...
the cryptodev implementation include bn.h directly (when building with
OPENSSL_NO_DEPRECATED that is).
2004-05-17 18:58:47 +00:00
Geoff Thorpe
508999fa7d
Deprecate some recursive includes from the store.h API header, and put back
...
required includes back via the internal header and str_lib.c.
2004-05-17 18:49:06 +00:00
Geoff Thorpe
210a21bc8d
Reduce dependencies on crypto.h by moving the opaque definition of
...
CRYPTO_EX_DATA and the new/free/dup callback prototypes to ossl_typ.h.
2004-05-17 18:39:00 +00:00
Geoff Thorpe
678c1e025b
Moving opaque definitions to ossl_typ.h lets us reduce header dependencies.
...
Deprecate inclusion of crypto.h from ui.h.
2004-05-17 18:01:28 +00:00
Andy Polyakov
1ab61a9179
Make reservations for FIPS code in HEAD branch, so that the moment FIPS
...
comes in we have required macros in place.
2004-05-17 15:49:13 +00:00