Dr. Stephen Henson
fb4c24b6e7
Update from HEAD.
2008-04-06 16:30:38 +00:00
Dr. Stephen Henson
1366f6b9bd
Fix from HEAD.
2008-04-06 15:57:44 +00:00
Dr. Stephen Henson
e13546f739
Update error codes.
2008-04-06 15:46:17 +00:00
Dr. Stephen Henson
d6c813daff
Fix from HEAD.
2008-04-06 15:42:29 +00:00
Dr. Stephen Henson
415fe2abe9
Delete functions not implemented in 0.9.8 from cms.h
2008-04-03 23:31:35 +00:00
Dr. Stephen Henson
8e42429c9d
Update default CFLAGS and dependencies.
2008-04-03 23:18:27 +00:00
Dr. Stephen Henson
94b2c29f9d
Backport of CMS code to 0.9.8-stable branch. Disabled by default.
2008-04-03 23:03:56 +00:00
Dr. Stephen Henson
090f931a35
Add -DOPENSSL_NO_DEPRECATED to debug-steve* targets. Add headers to make
...
build work.
2008-04-02 14:51:09 +00:00
Dr. Stephen Henson
7ec2d392e7
Backport of zlib compression BIO from HEAD. Update mkdef.pl script to handle
...
ZLIB. Update ordinals.
2008-04-02 11:37:25 +00:00
Dr. Stephen Henson
28a2759ab8
Add RFC3394 compatible key wrap algorithm.
2008-04-02 11:18:43 +00:00
Dr. Stephen Henson
9e7459fc5d
Backport some useful ASN1 utility functions from HEAD.
2008-04-02 11:11:51 +00:00
Dr. Stephen Henson
a6d4f79f24
Add new missing CMS OIDs.
2008-04-02 10:45:19 +00:00
Andy Polyakov
efcb7a75fc
Fix fast reduction on NIST curves [from HEAD].
...
PR: 1593
2008-04-01 08:40:52 +00:00
Dr. Stephen Henson
30aa23fea2
Update from HEAD.
2008-03-31 14:59:13 +00:00
Dr. Stephen Henson
fd6fa9c0b2
Fix from HEAD.
2008-03-29 13:22:49 +00:00
Dr. Stephen Henson
3fb0f01001
Fix from HEAD.
2008-03-12 00:38:07 +00:00
Andy Polyakov
2035af2091
Make x86_64-mont.pl work with debug Win64 build [from HEAD].
2008-02-27 20:14:46 +00:00
Bodo Möller
19398a175a
fix BIGNUM flag handling
2008-02-27 06:02:00 +00:00
Andy Polyakov
2923e91a98
Allow 32-bit perl to generate x86_64 assembler.
2008-02-13 20:01:48 +00:00
Andy Polyakov
7c52b7706f
Source readability fix, which incidentally works around XLC compiler bug
...
[from HEAD].
PR: 1272
2008-02-11 13:18:40 +00:00
Andy Polyakov
ddec587581
Make aes-x86_64 work with debug Win64 build [from HEAD].
2008-02-11 13:13:11 +00:00
Andy Polyakov
4f466f8e81
x86_64-xlate.pl update from HEAD.
2008-02-11 13:07:11 +00:00
Dr. Stephen Henson
3b0e61a812
Netware support.
...
Submitted by: Guenter Knauf <eflash@gmx.net>
2008-01-03 22:53:06 +00:00
Dr. Stephen Henson
5f297c4504
Updates from HEAD.
2007-12-16 16:38:22 +00:00
Dr. Stephen Henson
d7623ff9f3
Update .cvsignore
2007-12-14 19:36:32 +00:00
Dr. Stephen Henson
df9b5405e8
Don't shadow.
2007-12-14 19:34:05 +00:00
Andy Polyakov
187b655bc2
Some assembler are allergic to lea reg,BYTE PTR[...].
...
Submitted by: Guenter Knauf
2007-12-02 21:32:35 +00:00
Dr. Stephen Henson
8612cb9239
Learn how to spell "Repository"
2007-11-23 00:18:00 +00:00
Dr. Stephen Henson
b2f3fafa6a
Oops, use the right caRepository OID this time ;-)
2007-11-23 00:11:54 +00:00
Dr. Stephen Henson
483dab147d
Add caRepository OID to OpenSSL.
2007-11-23 00:07:48 +00:00
Bodo Möller
7d610299c9
Should reject signatures that we can't properly verify
...
and couldn't generate
(as pointed out by Ernst G Giessmann)
2007-11-19 07:25:28 +00:00
Bodo Möller
5c676c47cd
The hash length check wasn't strict enough,
...
as pointed out by Ernst G Giessmann
2007-11-16 13:00:57 +00:00
Andy Polyakov
cc9a645a02
Add x86_64-mont.pl [from HEAD].
2007-11-11 21:04:34 +00:00
Andy Polyakov
18fb9d807e
Add framework for bn_mul_mont [from 098-fips].
2007-11-11 20:43:23 +00:00
Andy Polyakov
2ea3cd8abc
Comply with updated x86cpuid.pl.
2007-11-11 20:06:17 +00:00
Andy Polyakov
095db72024
x86cpuid.pl update [from HEAD].
2007-11-11 19:44:42 +00:00
Andy Polyakov
4b60f4b175
rc4-x86_64.pl update [from HEAD].
2007-11-11 16:25:46 +00:00
Andy Polyakov
0794f3a798
x86_64cpuid.pl update [from HEAD].
2007-11-11 16:25:00 +00:00
Andy Polyakov
2b8e7b5061
Add AES x86_64 assembler. Note that it's not latest version from HEAD,
...
but older one corresponding to x86 module from 098-stable.
2007-11-11 14:49:56 +00:00
Andy Polyakov
6f57311da0
Add SHA x86_64 assembler [from HEAD].
2007-11-11 13:56:47 +00:00
Andy Polyakov
98b09d3949
Synchronize message digests in 098-fips with 098.
2007-11-11 13:34:08 +00:00
Andy Polyakov
231a737a82
Commit #16325 fixed one thing but broke DH with certain moduli [from HEAD].
2007-11-03 20:09:29 +00:00
Lutz Jänicke
ac1ef7ec72
Add OIDs by CMP (RFC 4210) and CRMF (RFC 4211)
...
Submitted by: Martin Peylo <martinmeis@googlemail.com>
2007-11-01 08:25:28 +00:00
Andy Polyakov
5f761514e1
Make it possible for older masm to compile sse2 modules.
...
PR: 1592
2007-10-21 14:15:40 +00:00
Lutz Jänicke
32f1f622f6
Release OpenSSL 0.9.8g with various fixes to issues introduced with 0.9.8f
2007-10-19 08:25:53 +00:00
Lutz Jänicke
225aeb171e
Work around inconsistent version numbering in 0.9.8f (release).
...
The version code of the release should have been 09086f (6=f, f=release)
but accidently it was marked "090870" (which would be "0.9.8g-dev").
Therefore we now use "090871" for the development of 0.9.8g. Once
0.9.8g is released, the problem will be "healed". We have never done
beta releases for 0.9.x-stable patch releases, so 090871 would never
be used in practice.
PR: #1589
2007-10-17 07:46:49 +00:00
Andy Polyakov
ce62fc6eae
Copy bn/asm/ia64.S from HEAD.
2007-10-13 11:02:17 +00:00
Dr. Stephen Henson
a523276786
Backport certificate status request TLS extension support to 0.9.8.
2007-10-12 00:00:36 +00:00
Ben Laurie
074471ab0c
Back to -dev.
2007-10-11 18:27:10 +00:00
Ben Laurie
d761421e1d
Minor release cockups.
2007-10-11 18:23:16 +00:00
Ben Laurie
2339c5d722
Next version.
2007-10-11 15:04:32 +00:00
Ben Laurie
dd00266757
Ready to roll.
2007-10-11 14:58:15 +00:00
Dr. Stephen Henson
fb8fcce2ac
Fix from fips branch.
2007-10-05 16:47:04 +00:00
Lutz Jänicke
fbfa11fb29
Typos
...
PR: 1578
Submitted by: Charles Longeau <chl@tuxfamily.org>
2007-09-24 11:22:31 +00:00
Lutz Jänicke
29f4b05954
The use of the PURIFY macro in ssleay_rand_bytes() is sufficient to
...
resolve the Valgrind issue with random numbers. Undo the changes to
RAND_bytes() and RAND_pseudo_bytes() that are redundant in this
respect.
Update documentation and FAQ accordingly, as the PURIFY macro is
available at least since 0.9.7.
2007-09-21 10:10:47 +00:00
Ben Laurie
48ca0c99b2
Use PURIFY instead of PEDANTIC.
2007-09-20 12:33:24 +00:00
Dr. Stephen Henson
625782f7ee
Wrap "keep valgrind happy" change in #ifdef PEDANTIC so any entropy in the
...
buffer can be normally used.
2007-09-19 13:29:05 +00:00
Ben Laurie
4f2b7d48b1
make depend
2007-09-19 12:17:11 +00:00
Andy Polyakov
ba75b4e750
Wire DES weak_keys to read-only segment [from HEAD].
2007-09-18 20:59:33 +00:00
Andy Polyakov
ab011d51be
Minimize stack utilization in probable_prime [from HEAD].
2007-09-18 20:55:10 +00:00
Andy Polyakov
898d9b1a87
Remove excessive whitespaces from bio.h.
2007-09-18 20:49:25 +00:00
Bodo Möller
4f9a9d2b79
Make sure that BN_from_montgomery keeps the BIGNUMS in proper format
2007-09-18 16:31:18 +00:00
Andy Polyakov
12a52467c8
Typo in pq_compat.h [note that this file is not present in HEAD].
...
PR: 1537
2007-09-17 16:21:21 +00:00
Andy Polyakov
53b9696f3f
It's inappropraite to override application signal, nor is it appropriate
...
to shut down Winsock unless we know it won't be used [and we never do]
[from HEAD].
PR: 1439
2007-09-16 18:35:45 +00:00
Andy Polyakov
80ed5f84de
Make bn2dec work on "SIXTY_FOUR_BIT" platforms [from HEAD].
...
PR: 1456
2007-09-15 17:05:57 +00:00
Andy Polyakov
d4cfbdf2c0
Integrate remaining parts of #14247 [from HEAD].
2007-09-07 12:27:50 +00:00
Dr. Stephen Henson
294f03a812
Reimplement safestack to avoid function pointer casts.
2007-09-06 21:07:43 +00:00
Dr. Stephen Henson
927a28ba3b
gcc 4.2 fixes to avoid use or function pointer casts in OpenSSL.
...
Fix various "computed value not used" warnings too.
2007-09-06 12:43:54 +00:00
Andy Polyakov
7a44a0cee7
aes_ige update [from HEAD].
2007-08-30 08:11:25 +00:00
Andy Polyakov
1040deb0c5
Respect ISO aliasing rules [from HEAD].
...
PR: 1296
2007-07-27 20:34:56 +00:00
Andy Polyakov
05ea800faf
AES for IA64 update [from HEAD].
2007-07-27 18:22:04 +00:00
Andy Polyakov
a8098740c6
Relax ISA detection.
2007-07-19 10:45:03 +00:00
Andy Polyakov
e3af0d041e
Fix masm type-casting problem in SSE2 code.
2007-07-18 20:25:17 +00:00
Andy Polyakov
a313e23fff
Shut up memory debuggers complaining about AES x86 assembler module
...
[it was not a bug!].
PR: 1508,1320
2007-07-08 19:41:12 +00:00
Andy Polyakov
4d2a292e8a
EVP_*_cfb1 was broken [from HEAD].
...
PR: 1318
2007-07-08 19:18:15 +00:00
Andy Polyakov
5a84b7fc2d
bn_mul_recursive doesn't handle all cases correctly, which results in
...
BN_mul failures at certain key-length mixes [from HEAD].
PR: 1427
2007-07-08 18:54:30 +00:00
Andy Polyakov
d8e660a6dc
Typo in str_lib [from HEAD].
...
PR: 1177
2007-07-07 20:11:42 +00:00
Dr. Stephen Henson
14346b3456
Fix warnings: C++ comments and computed value not used.
2007-07-04 12:56:33 +00:00
Andy Polyakov
a166e96d16
bn_mont.c fix [from HEAD].
2007-06-29 13:12:34 +00:00
Ben Laurie
8dd8ce1dc3
Fix warning.
2007-06-23 19:07:54 +00:00
Andy Polyakov
649ab2dcfa
Optimize OPENSSL_cleanse [from HEAD].
2007-06-20 17:37:09 +00:00
Andy Polyakov
283aedf498
Privatize BN_*_no_branch [from HEAD].
2007-06-11 16:33:50 +00:00
Andy Polyakov
1a56614af2
Eliminate conditional final subtraction in Montgomery multiplication
...
[from HEAD].
2007-06-11 16:15:10 +00:00
Dr. Stephen Henson
693c33e407
Update from HEAD.
2007-06-07 16:13:56 +00:00
Dr. Stephen Henson
d9a9aa027d
Update from HEAD.
2007-05-22 23:33:08 +00:00
Bodo Möller
b22250bb67
Fix crypto/ec/ec_mult.c to work properly with scalars of value 0
2007-05-22 09:48:06 +00:00
Andy Polyakov
d446120527
Padlock engine fails to compile with -O0 -fPIC [from HEAD].
2007-05-20 07:14:14 +00:00
Andy Polyakov
bb9d68489c
Type cast fixes in aes-586.pl.
2007-05-19 20:12:21 +00:00
Andy Polyakov
81fc4c93ef
Typo in x509_txt.c [from HEAD].
2007-05-19 18:04:21 +00:00
Ben Laurie
8957121c14
More IGE speedup.
2007-05-13 15:04:16 +00:00
Ben Laurie
50241bc84e
AES IGE mode speedup.
2007-05-13 12:03:57 +00:00
Bodo Möller
8db10d9ac4
remove leftover from editing ...
2007-04-24 00:46:48 +00:00
Bodo Möller
c3cc4662af
Add SEED encryption algorithm.
...
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
2007-04-23 23:50:26 +00:00
Bodo Möller
22892f9803
fix error codes
2007-04-19 15:14:39 +00:00
Bodo Möller
27eb115fb6
don't violate the bn_check_top assertion in BN_mod_inverse_no_branch()
2007-04-19 14:45:27 +00:00
Dr. Stephen Henson
51a596ef4f
Update from HEAD.
2007-04-09 11:46:36 +00:00
Dr. Stephen Henson
1cb7e5be5b
Fix OID config module.
2007-04-08 17:45:03 +00:00
Ben Laurie
84dd04e761
Make sure we detect corruption.
2007-04-04 12:50:13 +00:00
Bodo Möller
2ac061e487
make BN_FLG_CONSTTIME semantics more fool-proof
2007-03-28 18:44:01 +00:00
Bodo Möller
7cdb81582c
Change to mitigate branch prediction attacks
...
Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
2007-03-28 00:14:25 +00:00
Dr. Stephen Henson
3380c52f15
Stop memory leak.
2007-03-05 00:06:47 +00:00
Lutz Jänicke
1364e6f1ac
Initialize "buf" to 0 to make valgrind happy :-)
...
Note: the RAND_bytes() manual page says:
RAND_bytes() puts num cryptographically strong pseudo-random bytes into buf.
It does not talk about using the previous contents of buf so we are working
as documented.
2007-03-02 17:54:31 +00:00
Lutz Jänicke
c5ac2aa62c
Do not use uninitialized memory to seed the PRNG as it may confuse
...
code checking tools.
PR: 1499
2007-03-02 17:44:55 +00:00
Dr. Stephen Henson
392a0345de
EVP_CIPHER_CTX_key_length() should return the set key length in the
...
EVP_CIPHER_CTX structure which may not be the same as the underlying
cipher key length for variable length ciphers.
2007-02-27 18:42:52 +00:00
Dr. Stephen Henson
5dd24ead57
Prepare for next version.
2007-02-23 12:50:54 +00:00
Dr. Stephen Henson
d2cb94952a
Add L to version number
2007-02-23 12:38:11 +00:00
Dr. Stephen Henson
0615396d2d
Prepare for release.
2007-02-23 12:12:28 +00:00
Dr. Stephen Henson
82877ea449
Make update.
2007-02-23 01:01:08 +00:00
Lutz Jänicke
d69f85bf15
Fix incorrect handling of special characters
...
PR: 1459
Submitted by: tnitschke@innominate.com
Reviewed by: steve@openssl.org
2007-02-21 17:44:51 +00:00
Dr. Stephen Henson
52ee969e29
Update from 0.9.7-stable.
2007-02-21 13:48:49 +00:00
Dr. Stephen Henson
d1049ad93e
Fix Win32 warnings.
2007-02-18 17:23:20 +00:00
Nils Larsch
8f813338f1
- use OPENSSL_malloc() etc. in zlib
...
- move zlib_stateful_ex_idx initialization to COMP_zlib()
PR: 1468
2007-02-14 21:50:26 +00:00
Nils Larsch
5eee0253e5
remove unreachable code
2007-02-10 09:48:42 +00:00
Dr. Stephen Henson
594c723f98
Add hmac option to dgst from 0.9.7-stable.
2007-02-08 19:08:21 +00:00
Richard Levitte
53707e2eec
After objects have been freed, NULLify the pointers so there will be no double
...
free of those objects
2007-02-07 01:42:51 +00:00
Nils Larsch
fde794e898
fix typo
2007-02-06 19:48:36 +00:00
Dr. Stephen Henson
e31c620686
Update from fips2 branch.
2007-02-03 17:32:14 +00:00
Nils Larsch
923df53e25
fix potential memory leaks
...
PR: 1462
Submitted by: Charles Hardin <chardin@2wire.com>
2007-02-03 09:51:59 +00:00
Dr. Stephen Henson
dc3b721fa0
Update from 0.9.7-stable.
2007-01-23 17:54:22 +00:00
Dr. Stephen Henson
4a0d3530e0
Update from HEAD.
2007-01-21 13:16:49 +00:00
Andy Polyakov
78d4d87e39
Initialize padlock in shared build.
2007-01-04 22:55:25 +00:00
Andy Polyakov
6211633273
#include <stddef.h> in digest headers [from HEAD].
2006-12-29 14:55:43 +00:00
Richard Levitte
e25eb309ec
From HEAD
2006-12-26 21:23:38 +00:00
Richard Levitte
ffa2b2aa7d
Synchronise with Unixly build
2006-12-25 10:57:20 +00:00
Andy Polyakov
a77a95584d
Make sha.h more "portable" [from HEAD].
2006-12-22 16:04:56 +00:00
Nils Larsch
8e6905d238
remove trailing '\'
...
PR: 1438
2006-12-19 19:47:39 +00:00
Bodo Möller
1a8521ff24
Fix the BIT STRING encoding of EC points or parameter seeds
...
(need to prevent the removal of trailing zero bits).
2006-12-19 15:10:46 +00:00
Dr. Stephen Henson
35e59297fc
Update from 0.9.7-stable branch
2006-12-07 13:28:07 +00:00
Dr. Stephen Henson
9b945233b1
Update from HEAD.
2006-12-06 13:38:59 +00:00
Nils Larsch
66c4bb1a70
avoid duplicate entries in add_cert_dir()
...
PR: 1407
Submitted by: Tomas Mraz <tmraz@redhat.com>
2006-12-05 21:21:10 +00:00
Nils Larsch
3c786aa6c8
allocate a new attributes entry in X509_REQ_add_extensions()
...
if it's NULL (in case of a malformed pkcs10 request)
PR: 1347
Submitted by: Remo Inverardi <invi@your.toilet.ch>
2006-12-04 19:10:58 +00:00
Nils Larsch
e5cce6d356
add "Certificate Issuer", "Issuing Distribution Point" and
...
"Subject Directory Attributes" OIDs
PR: 1433
2006-12-04 18:48:16 +00:00
Andy Polyakov
723b7d81e4
Camellia fixes and improvements from HEAD.
2006-12-02 12:00:27 +00:00
Andy Polyakov
a3ddd7358b
Camellia portability fixes.
...
Submitted by: Masashi Fujita, NTT
2006-12-02 11:57:40 +00:00
Dr. Stephen Henson
45c027f31f
Update dependencies.
2006-11-30 14:03:58 +00:00
Dr. Stephen Henson
34a8c7ec87
Win32 fixes.
...
Use OPENSSL_NO_RFC3779 instead of OPENSSL_RFC3779: this makes the Win32 scripts
work and is consistent with other options.
Fix Win32 scripts and Configure to process OPENSSL_NO_RFC3779 properly.
Update ordinals.
Change some prototypes for LSB because VC++ 6 doesn't like the */ sequence and thinks it is an invalid end of comment.
2006-11-30 13:04:43 +00:00
Nils Larsch
d4a6240005
replace macros with functions
...
Submitted by: Tracy Camp <tracyx.e.camp@intel.com>
2006-11-29 20:47:15 +00:00
Ben Laurie
4636341b05
Add RFC 3779 support, contributed by ARIN.
2006-11-27 13:36:55 +00:00
Nils Larsch
be3b770d8f
register the engine as default engine in ENGINE_set_default()
...
PR: 1431
2006-11-24 18:44:26 +00:00
Dr. Stephen Henson
115fc340cb
Rebuild error file C source files.
2006-11-21 20:14:46 +00:00
Dr. Stephen Henson
4877e30504
Fix from HEAD.
2006-11-13 13:23:05 +00:00
Andy Polyakov
e336441197
Gcc over-optimizes PadLock AES CFB codepath, tell it not to [from HEAD].
2006-10-19 20:56:31 +00:00
Dr. Stephen Henson
20d6182f33
Typo.
2006-10-05 21:59:09 +00:00
Nils Larsch
aa145866f9
return an error if the supplied precomputed values lead to an invalid signature
2006-10-04 19:55:03 +00:00
Mark J. Cox
fdff41e166
Initialise ctx to NULL to avoid uninitialized free, noticed by
...
Steve Kiernan
2006-09-29 08:21:07 +00:00
Mark J. Cox
25e52a78fb
After tagging, bump ready for 0.9.8e development
2006-09-28 11:39:33 +00:00
Mark J. Cox
47c4bb2ddf
Prepare for 0.9.8d release
2006-09-28 11:32:42 +00:00
Mark J. Cox
951dfbb13a
Introduce limits to prevent malicious keys being able to
...
cause a denial of service. (CVE-2006-2940)
[Steve Henson, Bodo Moeller]
Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service. (CVE-2006-2937) [Steve Henson]
Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
Fix SSL client code which could crash if connecting to a
malicious SSLv2 server. (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
2006-09-28 11:29:03 +00:00
Dr. Stephen Henson
c987c3f999
Fix from HEAD.
2006-09-22 17:07:40 +00:00
Bodo Möller
7d5af5e0fa
Ensure that the addition mods[i]+delta cannot overflow in probable_prime().
...
[Problem pointed out by Adam Young <adamy (at) acm.org>]
2006-09-18 14:01:39 +00:00