Andy Polyakov
4fe55663df
Make DTLS1 record layer MAC calculation RFC compliant.
...
Submitted by: Alex Lam
2007-10-09 19:19:07 +00:00
Andy Polyakov
ae1552ee99
Addendum to commit #16654 .
2007-10-09 16:37:24 +00:00
Andy Polyakov
debf380122
size_t-fy crypto/buffer.
2007-10-09 15:52:07 +00:00
Ralf S. Engelschall
ddb038d349
ignore a few additionally generated files
2007-10-09 09:56:44 +00:00
Andy Polyakov
b7cc9dffac
Addendum to commit #16651 .
2007-10-07 14:34:59 +00:00
Andy Polyakov
e1b81fed33
Make it possible to link VC static lib with either /MT or /MD application.
...
PR: 1230
2007-10-07 12:55:36 +00:00
Andy Polyakov
5d58f1bbfe
Prohibit RC4 in DTLS.
2007-10-05 21:04:56 +00:00
Dr. Stephen Henson
fcd1cb666c
Fix from fips branch.
2007-10-05 16:53:31 +00:00
Dr. Stephen Henson
4f19a9cb9f
Off by one fix from stable branch.
2007-10-04 12:07:52 +00:00
Andy Polyakov
0023adb47a
Switch to bn-s390x (it's faster on keys longer than 512 bits) and mention
...
s390x assembler pack in CHANAGES.
2007-10-01 07:38:32 +00:00
Andy Polyakov
81fe8dcfe1
Oops! This was erroneously left out commit #16632 .
2007-10-01 06:27:21 +00:00
Andy Polyakov
d527834a1d
Basic idea behind explicit IV is to make it unpredictable for attacker.
...
Until now it was xor between CBC residue and 1st block from last datagram,
or in other words still predictable.
2007-09-30 22:01:36 +00:00
Andy Polyakov
89c333e3e5
Make ChangeCipherSpec compliant with DTLS RFC4347.
2007-09-30 21:19:30 +00:00
Andy Polyakov
0d97d00b6c
DTLS RFC4347 says HelloVerifyRequest resets Finished MAC.
2007-09-30 19:34:36 +00:00
Andy Polyakov
e7adda52b3
DTLS RFC4347 requires client to use rame random field in reply to
...
HelloVerifyRequest.
2007-09-30 19:15:27 +00:00
Andy Polyakov
7432d073af
Switch to RFC-compliant version encoding in DTLS.
2007-09-30 18:53:54 +00:00
Dr. Stephen Henson
04e2ab2c02
Move no status notification to ssl_check_serverhello_tlsext() to ensure
...
no status is notified even if no server extensions are present.
2007-09-28 17:45:11 +00:00
Dr. Stephen Henson
b7fcc08976
Typo.
2007-09-28 17:18:18 +00:00
Andy Polyakov
7722e53f12
Yet another ARM update. It appears to be more appropriate to make
...
developers responsible for -march choice.
2007-09-27 16:27:03 +00:00
Andy Polyakov
2c3ee16272
Move -march=armv4t to ./config.
2007-09-27 07:43:58 +00:00
Andy Polyakov
19112771d6
Minor ARMv4 update.
2007-09-27 07:20:31 +00:00
Andy Polyakov
4c7c5ff667
ARMv4 assembler pack.
2007-09-27 07:09:46 +00:00
Andy Polyakov
d7e915616d
10% performance tweak in 64-bit mode.
2007-09-27 06:19:25 +00:00
Dr. Stephen Henson
67c8e7f414
Support for certificate status TLS extension.
2007-09-26 21:56:59 +00:00
Andy Polyakov
74eb3e0914
Make sha512-armv4.pl byte-order neutral.
2007-09-26 12:17:33 +00:00
Andy Polyakov
79fe664f19
Clarify commentary in sha512-sparcv9.pl.
2007-09-26 12:16:32 +00:00
Lutz Jänicke
5f0477f47b
Typos
...
PR: 1578
Submitted by: Charles Longeau <chl@tuxfamily.org>
2007-09-24 11:22:58 +00:00
Lutz Jänicke
7bbce69721
Port from 0.9.8-stable
2007-09-24 11:01:18 +00:00
Dr. Stephen Henson
870d6541f2
Use accept flag for new session ticket write.
2007-09-23 15:55:15 +00:00
Bodo Möller
02c27b113c
properly handle length-zero opaque PRF input values
...
(which are pointless, but still might occur)
2007-09-23 11:30:53 +00:00
Bodo Möller
86d4bc3aea
fix length parameter in SSL_set_tlsext_opaque_prf_input() calls
2007-09-23 11:08:59 +00:00
Bodo Möller
761772d7e1
Implement the Opaque PRF Input TLS extension
...
(draft-rescorla-tls-opaque-prf-input-00.txt), and do some cleanups and
bugfixes on the way. In particular, this fixes the buffer bounds
checks in ssl_add_clienthello_tlsext() and in ssl_add_serverhello_tlsext().
Note that the opaque PRF Input TLS extension is not compiled by default;
see CHANGES.
2007-09-21 06:54:24 +00:00
Andy Polyakov
54ef01b54b
Fix indentation in d1_both.c.
2007-09-19 16:38:15 +00:00
Ben Laurie
9311c4421a
Fix dependencies. Make depend.
2007-09-19 14:53:18 +00:00
Ben Laurie
aaa4f448cf
The other half of make errors.
2007-09-19 14:51:28 +00:00
Ben Laurie
5f8b524619
make errors.
2007-09-19 14:29:59 +00:00
Bodo Möller
08111768a2
fix warning
2007-09-19 01:43:59 +00:00
Bodo Möller
1b827d7b6f
Clean up error codes a bit.
...
(engines/ccgost/ remains utter chaos, though; "make errors" is not happy.)
2007-09-19 00:58:58 +00:00
Andy Polyakov
a005fb019f
Addenum to "Constify obj_dat.[ch]."
2007-09-18 22:15:31 +00:00
Andy Polyakov
b5e5760d01
Minor formatting fixes in crypto/sha/asm.
2007-09-18 21:12:02 +00:00
Andy Polyakov
cf2bc94e5c
Wire RC4 key_table to read-only segment.
2007-09-18 21:10:32 +00:00
Andy Polyakov
26f0cf69d3
Constify obj_dat.[ch], as well as minimize linker relocations.
2007-09-18 21:05:21 +00:00
Andy Polyakov
61836c1b70
Wire DES weak_keys to read-only segment.
2007-09-18 20:58:33 +00:00
Andy Polyakov
2a1b0c8d65
Eliminate redundant make rule.
2007-09-18 20:57:06 +00:00
Andy Polyakov
75a8e30f4f
Minimize stack utilization in probable_prime.
2007-09-18 20:52:05 +00:00
Andy Polyakov
716b87a026
Remove excessive whitespaces from bio.h
2007-09-18 20:48:39 +00:00
Bodo Möller
08b229e13f
Make sure that BN_from_montgomery keeps the BIGNUMS in proper format
2007-09-18 16:35:28 +00:00
Dr. Stephen Henson
a529a80108
Update from stable branch.
2007-09-17 17:54:31 +00:00
Dr. Stephen Henson
c81898cbc4
Update from stable branch.
2007-09-17 17:31:53 +00:00
Andy Polyakov
330591fdfc
Mention aes in enc.pod.
...
PR: 1529
2007-09-17 16:42:35 +00:00