Dr. Stephen Henson
|
ffbfbef943
|
more vxworks patches
|
2011-10-14 22:04:14 +00:00 |
|
Dr. Stephen Henson
|
1fb2e0f940
|
Allow override of GCCVER and noexecstack checking from environment.
Vxworks support.
|
2011-10-14 17:28:10 +00:00 |
|
Dr. Stephen Henson
|
41a846c694
|
Don't use TPREFIX shell variable for minimal script.
|
2011-10-14 15:15:20 +00:00 |
|
Dr. Stephen Henson
|
3335b6f265
|
Add usage messages.
|
2011-10-14 13:00:08 +00:00 |
|
Andy Polyakov
|
027026df9f
|
e_aes.c: fix bug in aesni_gcm_tls_cipher.
|
2011-10-14 09:32:06 +00:00 |
|
Andy Polyakov
|
9ee5916d97
|
aesni-x86[_64].pl: fix bug in CCM code.
|
2011-10-14 09:15:19 +00:00 |
|
Andy Polyakov
|
af9b610cef
|
Remove eng_aesni.c as AES-NI support is integrated directly at EVP.
|
2011-10-13 19:46:44 +00:00 |
|
Bodo Möller
|
8bfc6479a8
|
use -no_ecdhe when using -no_dhe
|
2011-10-13 15:07:08 +00:00 |
|
Bodo Möller
|
4f2015742d
|
Oops - ectest.c finds further problems beyond those exposed by bntext.c
|
2011-10-13 14:29:59 +00:00 |
|
Bodo Möller
|
0a06ad76a1
|
Avoid failed assertion in BN_DEBUG builds
|
2011-10-13 14:21:39 +00:00 |
|
Bodo Möller
|
bf6d2f986d
|
Make CTR mode behaviour consistent with other modes:
- clear ctx->num in EVP_CipherInit_ex
- adapt e_eas.c changes from http://cvs.openssl.org/chngview?cn=19816
for eng_aesni.c
Submitted by: Emilia Kasper
|
2011-10-13 13:41:34 +00:00 |
|
Bodo Möller
|
9d74befd23
|
Clarify warning
|
2011-10-13 13:27:09 +00:00 |
|
Bodo Möller
|
8b37d33a94
|
typo
|
2011-10-13 13:20:33 +00:00 |
|
Bodo Möller
|
3ddc06f082
|
In ssl3_clear, preserve s3->init_extra along with s3->rbuf.
Submitted by: Bob Buckholz <bbuckholz@google.com>
|
2011-10-13 13:05:58 +00:00 |
|
Bodo Möller
|
cdfe0fdde6
|
Fix OPENSSL_BN_ASM_MONT5 for corner cases; add a test.
Submitted by: Emilia Kasper
|
2011-10-13 12:35:10 +00:00 |
|
Dr. Stephen Henson
|
5936521495
|
Print curve type for signature tests.
|
2011-10-12 22:41:33 +00:00 |
|
Dr. Stephen Henson
|
35882b60d8
|
increase test RSA key size to 1024 bits
|
2011-10-12 21:55:03 +00:00 |
|
Dr. Stephen Henson
|
ce01482e0f
|
Update README.FIPS for new FIPS 2.0 testvectors.
|
2011-10-12 18:48:01 +00:00 |
|
Dr. Stephen Henson
|
7fc78f11e8
|
Remove o_init.o special case from Makefile: this doesn't work.
|
2011-10-12 17:27:08 +00:00 |
|
Dr. Stephen Henson
|
98bc806749
|
Skip ECDH sanity check. Add --compare-all to run comparison tests on
all files instead of sanity checks.
|
2011-10-12 17:18:38 +00:00 |
|
Dr. Stephen Henson
|
a2b6dc97f6
|
Handle partial test where H is absent: needed to check g generation.
|
2011-10-12 17:03:15 +00:00 |
|
Dr. Stephen Henson
|
df36faaaa2
|
Update instructions.
|
2011-10-12 15:35:34 +00:00 |
|
Dr. Stephen Henson
|
e15acd9d9e
|
Updates to handle some verification of v2 tests.
Now enable v2 by default and require a --disable-v2 option to run the
old v1 tests.
|
2011-10-12 15:33:54 +00:00 |
|
Dr. Stephen Henson
|
a854818ea9
|
Handle broken test on verify too.
|
2011-10-12 15:32:57 +00:00 |
|
Dr. Stephen Henson
|
c1f63b5cb3
|
ECDH POST selftest failure inducing support.
|
2011-10-12 13:17:19 +00:00 |
|
Dr. Stephen Henson
|
cf61940534
|
Fix warnings.
|
2011-10-12 13:06:45 +00:00 |
|
Dr. Stephen Henson
|
dafd5b5d74
|
Only include one ECDH selftest.
|
2011-10-12 12:55:58 +00:00 |
|
Andy Polyakov
|
6c8ce3c2ff
|
e_padlock-x86[_64].pl: protection against prefetch errata.
|
2011-10-11 21:07:53 +00:00 |
|
Dr. Stephen Henson
|
3231e42d72
|
update pkey method initialisation and copy
|
2011-10-11 18:15:31 +00:00 |
|
Dr. Stephen Henson
|
cd366cf7ec
|
print out subgroup order if present
|
2011-10-11 17:44:26 +00:00 |
|
Dr. Stephen Henson
|
a59163f6b6
|
def_rsa_finish not used any more.
|
2011-10-10 20:35:09 +00:00 |
|
Dr. Stephen Henson
|
fe4394cf1d
|
remove some debugging code
|
2011-10-10 19:09:01 +00:00 |
|
Dr. Stephen Henson
|
84a75ba38c
|
fix leak properly this time...
|
2011-10-10 14:08:55 +00:00 |
|
Dr. Stephen Henson
|
eb47b2fb13
|
add GCM ciphers in SSL_library_init
|
2011-10-10 12:56:18 +00:00 |
|
Dr. Stephen Henson
|
a0f21307e0
|
disable GCM if not available
|
2011-10-10 12:41:11 +00:00 |
|
Dr. Stephen Henson
|
7d7c13cbab
|
Don't disable TLS v1.2 by default now.
|
2011-10-09 23:26:39 +00:00 |
|
Dr. Stephen Henson
|
0feb83e222
|
Synv ordinals with 1.0.1-stable.
|
2011-10-09 23:16:20 +00:00 |
|
Dr. Stephen Henson
|
ccbb9badba
|
fix CHANGES entry
|
2011-10-09 23:11:55 +00:00 |
|
Dr. Stephen Henson
|
42753a4f67
|
fix memory leaks
|
2011-10-09 23:08:15 +00:00 |
|
Andy Polyakov
|
b1d3e9de63
|
e_padlock-x86_64.pl: brown-bag bug in stack pointer handling.
|
2011-10-09 21:53:53 +00:00 |
|
Dr. Stephen Henson
|
7bd4095b12
|
Sync ordinals with 1.0.1-stable.
|
2011-10-09 15:29:43 +00:00 |
|
Dr. Stephen Henson
|
58b75e9c26
|
PR: 2482
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve
Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann.
|
2011-10-09 00:56:52 +00:00 |
|
Andy Polyakov
|
08d62e9f1a
|
e_padlock-x86[_64].pl: SHA fixes, comply with specification and fix bug.
|
2011-10-08 21:37:44 +00:00 |
|
Dr. Stephen Henson
|
549cd657fd
|
Add fips/ecdh directory.
|
2011-10-07 18:18:50 +00:00 |
|
Dr. Stephen Henson
|
43206a2d7c
|
New -force_pubkey option to x509 utility to supply a different public
key to the one in a request. This is useful for cases where the public
key cannot be used for signing e.g. DH.
|
2011-10-07 15:18:09 +00:00 |
|
Dr. Stephen Henson
|
6dd547398a
|
use client version when eliminating TLS v1.2 ciphersuites in client hello
|
2011-10-07 15:07:19 +00:00 |
|
Dr. Stephen Henson
|
66bb328e11
|
? crypto/aes/aes-armv4.S
? crypto/aes/aesni-sha1-x86_64.s
? crypto/aes/aesni-x86_64.s
? crypto/aes/foo.pl
? crypto/aes/vpaes-x86_64.s
? crypto/bn/.bn_lib.c.swp
? crypto/bn/armv4-gf2m.S
? crypto/bn/diffs
? crypto/bn/modexp512-x86_64.s
? crypto/bn/x86_64-gf2m.s
? crypto/bn/x86_64-mont5.s
? crypto/ec/bc.txt
? crypto/ec/diffs
? crypto/modes/a.out
? crypto/modes/diffs
? crypto/modes/ghash-armv4.S
? crypto/modes/ghash-x86_64.s
? crypto/modes/op.h
? crypto/modes/tst.c
? crypto/modes/x.h
? crypto/objects/.obj_xref.txt.swp
? crypto/rand/diffs
? crypto/sha/sha-512
? crypto/sha/sha1-armv4-large.S
? crypto/sha/sha256-armv4.S
? crypto/sha/sha512-armv4.S
Index: crypto/objects/obj_xref.c
===================================================================
RCS file: /v/openssl/cvs/openssl/crypto/objects/obj_xref.c,v
retrieving revision 1.9
diff -u -r1.9 obj_xref.c
--- crypto/objects/obj_xref.c 5 Nov 2008 18:38:58 -0000 1.9
+++ crypto/objects/obj_xref.c 6 Oct 2011 20:30:21 -0000
@@ -110,8 +110,10 @@
#endif
if (rv == NULL)
return 0;
- *pdig_nid = rv->hash_id;
- *ppkey_nid = rv->pkey_id;
+ if (pdig_nid)
+ *pdig_nid = rv->hash_id;
+ if (ppkey_nid)
+ *ppkey_nid = rv->pkey_id;
return 1;
}
@@ -144,7 +146,8 @@
#endif
if (rv == NULL)
return 0;
- *psignid = (*rv)->sign_id;
+ if (psignid)
+ *psignid = (*rv)->sign_id;
return 1;
}
Index: crypto/x509/x509type.c
===================================================================
RCS file: /v/openssl/cvs/openssl/crypto/x509/x509type.c,v
retrieving revision 1.10
diff -u -r1.10 x509type.c
--- crypto/x509/x509type.c 26 Oct 2007 12:06:33 -0000 1.10
+++ crypto/x509/x509type.c 6 Oct 2011 20:36:04 -0000
@@ -100,20 +100,26 @@
break;
}
- i=X509_get_signature_type(x);
- switch (i)
+ i=OBJ_obj2nid(x->sig_alg->algorithm);
+ if (i && OBJ_find_sigid_algs(i, NULL, &i))
{
- case EVP_PKEY_RSA:
- ret|=EVP_PKS_RSA;
- break;
- case EVP_PKEY_DSA:
- ret|=EVP_PKS_DSA;
- break;
- case EVP_PKEY_EC:
- ret|=EVP_PKS_EC;
- break;
- default:
- break;
+
+ switch (i)
+ {
+ case NID_rsaEncryption:
+ case NID_rsa:
+ ret|=EVP_PKS_RSA;
+ break;
+ case NID_dsa:
+ case NID_dsa_2:
+ ret|=EVP_PKS_DSA;
+ break;
+ case NID_X9_62_id_ecPublicKey:
+ ret|=EVP_PKS_EC;
+ break;
+ default:
+ break;
+ }
}
if (EVP_PKEY_size(pk) <= 1024/8)/* /8 because it's 1024 bits we look
|
2011-10-06 20:44:02 +00:00 |
|
Andy Polyakov
|
50452b2e60
|
e_padlock: add CTR mode.
|
2011-10-05 17:03:44 +00:00 |
|
Andy Polyakov
|
d18762f7c9
|
e_padlock-x86_64.pl: fix typo.
|
2011-10-04 11:21:33 +00:00 |
|
Andy Polyakov
|
149ca7128c
|
e_padlock-x86*.pl: Nano-related update.
|
2011-10-04 11:05:16 +00:00 |
|