Commit graph

12035 commits

Author SHA1 Message Date
Felix Laurie von Massenbach
8927c2786d Add a test to check we're really generating probable primes. 2014-06-01 15:31:27 +01:00
Felix Laurie von Massenbach
9a3a99748b Remove unused BIGNUMs. 2014-06-01 15:31:27 +01:00
Felix Laurie von Massenbach
a77889f560 Only count successful generations. 2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
c74e148776 Refactor the first prime index. 2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
982c42cb20 Try skipping over the adding and just picking a new random number.
Generates a number coprime to 2, 3, 5, 7, 11.

Speed:
Trial div (add) : trial div (retry) : coprime
1 : 0.42 : 0.84
2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
7e965dcc38 Remove editor barf on updating copyright. 2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
8a12085293 Add python script to generate the bits needed for the prime generator. 2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
c09ec5d2a0 Generate safe primes not divisible by 3, 5 or 7.
~2% speed improvement on trial division.
2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
b0513819e0 Add a method to generate a prime that is guaranteed not to be divisible by 3 or 5.
Possibly some reduction in bias, but no speed gains.
2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
b359642ffd Run the prime speed tests for 10 seconds. 2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
8c9336ce2b Tidy up speed.c a little. 2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
b5419b81ac Add speed test for prime trial division. 2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
e46a059ebf Remove static from probable_prime_dh. 2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
e55fca760b Remove indentation from the goto targets. 2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
fce0ba5fcd Strip trailing whitespace from Configure. 2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
d7f200779c Add a new target to Configure for me. 2014-06-01 15:31:26 +01:00
Dr. Stephen Henson
3009244da4 Set default global mask to UTF8 only. 2014-06-01 15:03:00 +01:00
David Ramos
92d81ba622 Allocate extra space when NETSCAPE_HANG_BUG defined.
Make sure there is an extra 4 bytes for server done message when
NETSCAPE_HANG_BUG is defined.

PR#3361
2014-06-01 14:27:22 +01:00
David Ramos
7e2c6f7eb0 Initialise alg.
PR#3313
2014-06-01 13:04:10 +01:00
Dr. Stephen Henson
4fdf91742e Use correct digest when exporting keying material.
PR#3319
2014-05-31 13:43:02 +01:00
Dr. Stephen Henson
7ce79a5bfd Don't compile heartbeat test code on Windows (for now). 2014-05-31 13:43:02 +01:00
Hubert Kario
9ed03faac4 add description of -attime to man page
the verify app man page didn't describe the usage of attime option
even though it was listed as a valid option in the -help message.

This patch fixes this omission.
2014-05-30 23:26:35 +01:00
Hubert Kario
08bef7be1e add description of -no_ecdhe option to s_server man page
While the -help message references this option, the man page
doesn't mention the -no_ecdhe option.
This patch fixes this omission.
2014-05-30 22:59:43 +01:00
Andy Polyakov
e09ea622bb aesv8-armx.pl: add CTR implementation.
Submitted by: Ard Biesheuvel.
2014-05-29 22:45:35 +02:00
Dr. Stephen Henson
46d889f33e Set version number correctly.
PR#3249
2014-05-29 14:33:32 +01:00
František Bořánek
4da0ddc47e Fix memory leak.
PR#3278
2014-05-29 14:33:32 +01:00
Martin Kaiser
1c4575ebc3 remove duplicate 0x for default RSASSA-PSS salt len 2014-05-29 14:33:32 +01:00
Andy Polyakov
7cbdb975c2 aesp8-ppc.pl: optimize CBC decrypt even further.
10-19% improvement depending on key length and endianness.
2014-05-29 15:10:12 +02:00
Peter Mosmans
028bac0670 Fix for test_bn regular expression to work on Windows using MSYS. PR#3346 2014-05-27 23:29:32 +01:00
Matt Caswell
3d9243f1b6 Changed -strictpem to use PEM_read_bio 2014-05-26 23:31:37 +01:00
Matt Caswell
6b5c1d940b Added -strictpem parameter to enable processing of PEM files with data prior to the BEGIN marker 2014-05-26 17:24:11 +01:00
Juli Mallett
487dac87e3 Fix cast of boolean where cast of LHS intended.
Closes #74.
2014-05-26 13:16:12 +01:00
Matt Caswell
15658d0cbf Fixed error in args for SSL_set_msg_callback and SSL_set_msg_callback_arg 2014-05-25 23:45:12 +01:00
Ben Laurie
ba4477d649 Make it build.
Closes #31.
2014-05-25 17:35:04 +01:00
Christian Heimes
56431240ae add test case to makefiles 2014-05-25 17:35:04 +01:00
Christian Heimes
4d4a535dcf Implement tests for PKCS#5 PBKDF2 HMAC 2014-05-25 17:35:04 +01:00
Dr. Stephen Henson
0930251df8 Don't use expired certificates if possible.
When looking for the issuer of a certificate, if current candidate is
expired, continue looking. Only return an expired certificate if no valid
certificates are found.

PR#3359
2014-05-25 04:50:15 +01:00
Dr. Stephen Henson
6c21b860ba Rename vpm_int.h to x509_lcl.h 2014-05-25 04:50:14 +01:00
Matt Caswell
955376fde3 Fix for non compilation with TLS_DEBUG defined 2014-05-24 23:55:27 +01:00
Ben Laurie
894172f207 Only copy opensslconf.h at init time. 2014-05-24 15:42:18 +01:00
Martin Kaiser
c5f0b9bd86 Modify the description of -noout to match the manpage. PR#3364 2014-05-24 00:04:25 +01:00
Martin Kaiser
189ae368d9 Add an NSS output format to sess_id to export to export the session id and the master key in NSS keylog format. PR#3352 2014-05-24 00:02:24 +01:00
Luiz Angelo Daros de Luca
dd36fce023 OpenSSL is able to generate a certificate with name constraints with any possible
subjectAltName field. The Name Contraint example in x509v3_config(5) even use IP
as an example:

	nameConstraints=permitted;IP:192.168.0.0/255.255.0.0

However, until now, the verify code for IP name contraints did not exist. Any
check with a IP Address Name Constraint results in a "unsupported name constraint
type" error.

This patch implements support for IP Address Name Constraint (v4 and v6). This code
validaded correcly certificates with multiple IPv4/IPv6 address checking against
a CA certificate with these constraints:

	permitted;IP.1=10.9.0.0/255.255.0.0
	permitted;IP.2=10.48.0.0/255.255.0.0
	permitted;IP.3=10.148.0.0/255.255.0.0
	permitted;IP.4=fdc8:123f:e31f::/ffff:ffff:ffff::

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2014-05-23 23:05:38 +01:00
Andy Polyakov
fda29b6db0 aesp8-ppc.pl: add optimized CBC decrypt. 2014-05-23 20:15:06 +02:00
Andy Polyakov
b83d09f552 vpaes-ppc.pl: comply with ABI. 2014-05-23 20:14:38 +02:00
Ben Laurie
27da939490 Merge branch 'heartbeat-test' of git://github.com/mbland/openssl 2014-05-22 22:00:17 +01:00
Mike Bland
647c70f765 Fix heartbeat_test for -DOPENSSL_NO_HEARTBEATS
Replaces the entire test with a trivial implementation when
OPENSSL_NO_HEARTBEATS is defined.
2014-05-22 15:23:10 -04:00
Ben Laurie
eb33348879 Check length first in BUF_strnlen(). 2014-05-22 10:13:22 +01:00
Matt Caswell
085ccc542a Fixed minor copy&paste error, and stray space causing rendering problem 2014-05-22 00:07:35 +01:00
Matt Caswell
df24f29ae6 Fixed unterminated B tag, causing build to fail with newer pod2man versions 2014-05-22 00:00:23 +01:00