Felix Laurie von Massenbach
8927c2786d
Add a test to check we're really generating probable primes.
2014-06-01 15:31:27 +01:00
Felix Laurie von Massenbach
9a3a99748b
Remove unused BIGNUMs.
2014-06-01 15:31:27 +01:00
Felix Laurie von Massenbach
a77889f560
Only count successful generations.
2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
c74e148776
Refactor the first prime index.
2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
982c42cb20
Try skipping over the adding and just picking a new random number.
...
Generates a number coprime to 2, 3, 5, 7, 11.
Speed:
Trial div (add) : trial div (retry) : coprime
1 : 0.42 : 0.84
2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
7e965dcc38
Remove editor barf on updating copyright.
2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
8a12085293
Add python script to generate the bits needed for the prime generator.
2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
c09ec5d2a0
Generate safe primes not divisible by 3, 5 or 7.
...
~2% speed improvement on trial division.
2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
b0513819e0
Add a method to generate a prime that is guaranteed not to be divisible by 3 or 5.
...
Possibly some reduction in bias, but no speed gains.
2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
b359642ffd
Run the prime speed tests for 10 seconds.
2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
8c9336ce2b
Tidy up speed.c a little.
2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
b5419b81ac
Add speed test for prime trial division.
2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
e46a059ebf
Remove static from probable_prime_dh.
2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
e55fca760b
Remove indentation from the goto targets.
2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
fce0ba5fcd
Strip trailing whitespace from Configure.
2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
d7f200779c
Add a new target to Configure for me.
2014-06-01 15:31:26 +01:00
Dr. Stephen Henson
3009244da4
Set default global mask to UTF8 only.
2014-06-01 15:03:00 +01:00
David Ramos
92d81ba622
Allocate extra space when NETSCAPE_HANG_BUG defined.
...
Make sure there is an extra 4 bytes for server done message when
NETSCAPE_HANG_BUG is defined.
PR#3361
2014-06-01 14:27:22 +01:00
David Ramos
7e2c6f7eb0
Initialise alg.
...
PR#3313
2014-06-01 13:04:10 +01:00
Dr. Stephen Henson
4fdf91742e
Use correct digest when exporting keying material.
...
PR#3319
2014-05-31 13:43:02 +01:00
Dr. Stephen Henson
7ce79a5bfd
Don't compile heartbeat test code on Windows (for now).
2014-05-31 13:43:02 +01:00
Hubert Kario
9ed03faac4
add description of -attime to man page
...
the verify app man page didn't describe the usage of attime option
even though it was listed as a valid option in the -help message.
This patch fixes this omission.
2014-05-30 23:26:35 +01:00
Hubert Kario
08bef7be1e
add description of -no_ecdhe option to s_server man page
...
While the -help message references this option, the man page
doesn't mention the -no_ecdhe option.
This patch fixes this omission.
2014-05-30 22:59:43 +01:00
Andy Polyakov
e09ea622bb
aesv8-armx.pl: add CTR implementation.
...
Submitted by: Ard Biesheuvel.
2014-05-29 22:45:35 +02:00
Dr. Stephen Henson
46d889f33e
Set version number correctly.
...
PR#3249
2014-05-29 14:33:32 +01:00
František Bořánek
4da0ddc47e
Fix memory leak.
...
PR#3278
2014-05-29 14:33:32 +01:00
Martin Kaiser
1c4575ebc3
remove duplicate 0x for default RSASSA-PSS salt len
2014-05-29 14:33:32 +01:00
Andy Polyakov
7cbdb975c2
aesp8-ppc.pl: optimize CBC decrypt even further.
...
10-19% improvement depending on key length and endianness.
2014-05-29 15:10:12 +02:00
Peter Mosmans
028bac0670
Fix for test_bn regular expression to work on Windows using MSYS. PR#3346
2014-05-27 23:29:32 +01:00
Matt Caswell
3d9243f1b6
Changed -strictpem to use PEM_read_bio
2014-05-26 23:31:37 +01:00
Matt Caswell
6b5c1d940b
Added -strictpem parameter to enable processing of PEM files with data prior to the BEGIN marker
2014-05-26 17:24:11 +01:00
Juli Mallett
487dac87e3
Fix cast of boolean where cast of LHS intended.
...
Closes #74 .
2014-05-26 13:16:12 +01:00
Matt Caswell
15658d0cbf
Fixed error in args for SSL_set_msg_callback and SSL_set_msg_callback_arg
2014-05-25 23:45:12 +01:00
Ben Laurie
ba4477d649
Make it build.
...
Closes #31 .
2014-05-25 17:35:04 +01:00
Christian Heimes
56431240ae
add test case to makefiles
2014-05-25 17:35:04 +01:00
Christian Heimes
4d4a535dcf
Implement tests for PKCS#5 PBKDF2 HMAC
2014-05-25 17:35:04 +01:00
Dr. Stephen Henson
0930251df8
Don't use expired certificates if possible.
...
When looking for the issuer of a certificate, if current candidate is
expired, continue looking. Only return an expired certificate if no valid
certificates are found.
PR#3359
2014-05-25 04:50:15 +01:00
Dr. Stephen Henson
6c21b860ba
Rename vpm_int.h to x509_lcl.h
2014-05-25 04:50:14 +01:00
Matt Caswell
955376fde3
Fix for non compilation with TLS_DEBUG defined
2014-05-24 23:55:27 +01:00
Ben Laurie
894172f207
Only copy opensslconf.h at init time.
2014-05-24 15:42:18 +01:00
Martin Kaiser
c5f0b9bd86
Modify the description of -noout to match the manpage. PR#3364
2014-05-24 00:04:25 +01:00
Martin Kaiser
189ae368d9
Add an NSS output format to sess_id to export to export the session id and the master key in NSS keylog format. PR#3352
2014-05-24 00:02:24 +01:00
Luiz Angelo Daros de Luca
dd36fce023
OpenSSL is able to generate a certificate with name constraints with any possible
...
subjectAltName field. The Name Contraint example in x509v3_config(5) even use IP
as an example:
nameConstraints=permitted;IP:192.168.0.0/255.255.0.0
However, until now, the verify code for IP name contraints did not exist. Any
check with a IP Address Name Constraint results in a "unsupported name constraint
type" error.
This patch implements support for IP Address Name Constraint (v4 and v6). This code
validaded correcly certificates with multiple IPv4/IPv6 address checking against
a CA certificate with these constraints:
permitted;IP.1=10.9.0.0/255.255.0.0
permitted;IP.2=10.48.0.0/255.255.0.0
permitted;IP.3=10.148.0.0/255.255.0.0
permitted;IP.4=fdc8:123f:e31f::/ffff:ffff:ffff::
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2014-05-23 23:05:38 +01:00
Andy Polyakov
fda29b6db0
aesp8-ppc.pl: add optimized CBC decrypt.
2014-05-23 20:15:06 +02:00
Andy Polyakov
b83d09f552
vpaes-ppc.pl: comply with ABI.
2014-05-23 20:14:38 +02:00
Ben Laurie
27da939490
Merge branch 'heartbeat-test' of git://github.com/mbland/openssl
2014-05-22 22:00:17 +01:00
Mike Bland
647c70f765
Fix heartbeat_test for -DOPENSSL_NO_HEARTBEATS
...
Replaces the entire test with a trivial implementation when
OPENSSL_NO_HEARTBEATS is defined.
2014-05-22 15:23:10 -04:00
Ben Laurie
eb33348879
Check length first in BUF_strnlen().
2014-05-22 10:13:22 +01:00
Matt Caswell
085ccc542a
Fixed minor copy&paste error, and stray space causing rendering problem
2014-05-22 00:07:35 +01:00
Matt Caswell
df24f29ae6
Fixed unterminated B tag, causing build to fail with newer pod2man versions
2014-05-22 00:00:23 +01:00