Commit graph

7779 commits

Author SHA1 Message Date
Dr. Stephen Henson
5d20c4fb35 Overhaul of by_dir code to handle dynamic loading of CRLs. 2006-09-17 17:16:28 +00:00
Dr. Stephen Henson
a04549cc75 GOST public key algorithm ENGINE donated to the OpenSSL by Cryptocom.
Very early version, doesn't do much yet, not even added to the build system.
2006-09-17 13:00:18 +00:00
Dr. Stephen Henson
bc7535bc7f Support for AKID in CRLs and partial support for IDP. Overhaul of CRL
handling to support this.
2006-09-14 17:25:02 +00:00
Dr. Stephen Henson
83357f047d Update docs. 2006-09-13 03:28:42 +00:00
Bodo Möller
b6699c3f07 Update 2006-09-12 14:42:19 +00:00
Dr. Stephen Henson
016bc5ceb3 Fixes for new CRL/cert callbacks. Update CRL processing code to use new
callbacks.
2006-09-11 13:00:52 +00:00
Bodo Möller
ed65f7dc34 ensure that ciphersuite strings such as "RC4-MD5" match the SSL 2.0
ciphersuite as well
2006-09-11 09:49:03 +00:00
Dr. Stephen Henson
4d50a2b4d6 Add verify callback functions to lookup a STACK of matching certs or CRLs
based on subject name.

New thread safe functions to retrieve matching STACK from X509_STORE.

Cache some IDP components.
2006-09-10 12:38:37 +00:00
Bodo Möller
7f4301668f Make sure the int_rsa_verify() prototype matches the implementation
(m_len currently is 'unsigned int', not 'size_t')

Submitted by: Gisle Vanem
2006-09-08 06:00:40 +00:00
Dr. Stephen Henson
29a1bb07e5 Additional detail. 2006-09-06 11:59:04 +00:00
Bodo Möller
99e9a90081 update information on "current version" ... 2006-09-06 11:54:19 +00:00
Dr. Stephen Henson
715020e334 Add an FAQ. 2006-09-06 11:53:50 +00:00
Bodo Möller
2952886010 Remove non-functional part of recent patch, after discussion with
Colin Percival (this would have caused more problems than solved,
and isn't really necessary anyway)
2006-09-06 06:43:11 +00:00
Bodo Möller
613e7d2a65 Make consistent with 0.9.8-branch version of this file 2006-09-06 06:42:11 +00:00
Bodo Möller
6a2c471077 Every change so far that is in the 0.9.8 branch is (or should be) in HEAD 2006-09-06 06:34:52 +00:00
Mark J. Cox
b79aa05e3b Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
(CVE-2006-4339)

Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
2006-09-05 08:58:03 +00:00
Andy Polyakov
500b5a181d Rewrite sha1-586.pl. 2006-08-31 21:27:30 +00:00
Andy Polyakov
2b8a5406f9 Fix bug in aes-586.pl. 2006-08-31 21:15:38 +00:00
Andy Polyakov
2f35ae90fe Fix bug in x86unix.pl introduced in latest update.
PR: 1380
2006-08-31 21:12:17 +00:00
Dr. Stephen Henson
0fca32a7aa Kill more C++ comments. 2006-08-31 21:01:15 +00:00
Dr. Stephen Henson
02c9b66a6c Fix C++ style comments, change assert to OPENSSL_assert, stop warning with
pedantic mode.
2006-08-31 20:56:20 +00:00
Dr. Stephen Henson
539d4c1030 Fix leak 2006-08-31 20:10:37 +00:00
Ben Laurie
aa6d1a0c19 Forward port of IGE mode. 2006-08-31 14:04:04 +00:00
Ben Laurie
777c47acbe Make things static that should be. Declare stuff in headers that should be.
Fix warnings.
2006-08-28 17:01:04 +00:00
Richard Levitte
5776c3c4c6 According to documentation, including time.h declares select() on
OpenVMS, and possibly more.

Ref: http://h71000.www7.hp.com/doc/82final/6529/6529pro_019.html#r_select
2006-08-20 05:54:35 +00:00
Richard Levitte
0c3d346cb7 Correct warnings about signedness. 2006-08-20 05:18:12 +00:00
Ulf Möller
1c23bc5670 Use gmtime on cygwin
Submitted by: Corinna Vinschen
2006-08-13 09:03:38 +00:00
Andy Polyakov
8ea975d070 +20% tune-up for Power5. 2006-08-09 15:40:30 +00:00
Andy Polyakov
6c69aa532e Revised AES_cbc_encrypt in x86 assembler module. 2006-08-07 09:05:52 +00:00
Ulf Möller
6264c9b2a9 Correct punctuation.
PR: 1367
2006-08-05 20:45:06 +00:00
Andy Polyakov
fc92414273 Agressively prefetch S-box in SSE codepatch, relax alignment requirement,
check for SSE bit instead of MMX, as pshufw was introduces in PIII, minor
optimization, typos...
2006-08-02 22:38:16 +00:00
Andy Polyakov
53154d71c3 Switch to compact S-box when generating AES key schedule. 2006-08-02 07:46:56 +00:00
Andy Polyakov
8cebec9802 Switch to compact S-box when generating AES key schedule. 2006-08-01 22:10:39 +00:00
Andy Polyakov
0209d1605d Real Bourne shell doesn't interpret ==, but =. 2006-08-01 16:12:10 +00:00
Andy Polyakov
c8a0d0aaf9 Engage assembler in solaris64-x86_64-cc. 2006-07-31 22:28:40 +00:00
Andy Polyakov
0cc46efa09 perlasm/x86unix.pl update. 2006-07-31 22:26:40 +00:00
Andy Polyakov
22c268e6c9 Next generation aes-586.pl featuring AES_[en|de]crypt, accessing exclusively
256 byte S-box. AES_cbc_encrypt needs further work as it should also use
slow routines when processing smaller amount of data.
2006-07-31 20:03:56 +00:00
Bodo Möller
dd0514e2cc Camellia IPR information 2006-07-31 11:50:01 +00:00
Dr. Stephen Henson
f6e7d01450 Support for multiple CRLs with same issuer name in X509_STORE. Modify
verify logic to try to use an unexpired CRL if possible.
2006-07-25 17:39:38 +00:00
Dr. Stephen Henson
edc540211c Cache some CRL related extensions. 2006-07-24 12:39:22 +00:00
Dr. Stephen Henson
2eed3a3cc8 Avoid warning. 2006-07-21 22:46:19 +00:00
Dr. Stephen Henson
1aa44cc797 Avoid WIN32 warning. 2006-07-21 22:28:48 +00:00
Dr. Stephen Henson
37c8fd0eba Avoid warnings. 2006-07-21 22:26:31 +00:00
Dr. Stephen Henson
786aa98da1 Use correct pointer types for various functions. 2006-07-20 16:56:47 +00:00
Bodo Möller
413e0853d7 New Camellia implementation (replacing previous version)
Submitted by: NTT
2006-07-19 13:38:26 +00:00
Bodo Möller
8e4560c42f Camellia information 2006-07-19 13:36:40 +00:00
Dr. Stephen Henson
450ea83495 Store canonical encodings of Name structures. Update X509_NAME_cmp() to use
them.
2006-07-18 12:36:19 +00:00
Andy Polyakov
af8c1d81a3 Reimplement outer rounds as "compact" in x86 assembler. This has rather
strong impact on decrypt performance, 20-25%. One probably should consider
switching between slower and faster routines depending on how much data
we were asked to process.
2006-07-18 10:05:38 +00:00
Dr. Stephen Henson
b589427941 WIN32 fixes signed/unsigned issues and slightly socket semantics. 2006-07-17 18:52:51 +00:00
Dr. Stephen Henson
f0fa285f75 Update .cvsignore again. 2006-07-17 16:42:06 +00:00