openssl.git
5 years ago - MIPS assembly pack: get rid of deprecated instructions.
Andy Polyakov [Sun, 13 Oct 2013 11:14:52 +0000 (13:14 +0200)]

Latest MIPS ISA specification declared 'branch likely' instructions
obsolete. To make the code future-proof, replace them with equivalents.

5 years ago - evp/e_aes_cbc_hmac_sha*.c: limit multi-block fragmentation to 1KB.
Andy Polyakov [Sat, 12 Oct 2013 20:10:28 +0000 (22:10 +0200)]

Excessive fragmentation puts an additional burden (of additional MAC
calculations) on the other side, and limiting fragments to 1KB
limits the overhead to ~6%.

5 years ago - aes/asm/bsaes-x86_64.pl: fix Windows-specific bug in XTS.
Andy Polyakov [Sat, 12 Oct 2013 19:37:55 +0000 (21:37 +0200)]

PR: 3139

5 years ago - bn/asm/rsax-avx2.pl: minor optimization [for Decoded ICache].
Andy Polyakov [Thu, 10 Oct 2013 21:06:43 +0000 (23:06 +0200)]

5 years ago - bn/bn_exp.c: prefer MULX/AD*X over AVX2.
Andy Polyakov [Wed, 9 Oct 2013 09:08:52 +0000 (11:08 +0200)]

5 years ago - Configure: recognize experimental-multiblock.
Andy Polyakov [Tue, 8 Oct 2013 21:41:31 +0000 (23:41 +0200)]

5 years ago - ssl/s3_pkt.c: add initial multi-block encrypt.
Andy Polyakov [Tue, 8 Oct 2013 21:40:09 +0000 (23:40 +0200)]

5 years ago - evp/e_aes_cbc_hmac_sha*.c: harmonize names, fix bugs.
Andy Polyakov [Tue, 8 Oct 2013 21:39:26 +0000 (23:39 +0200)]

5 years ago - evp/evp.h: add multi-block constants and parameter type.
Andy Polyakov [Tue, 8 Oct 2013 21:38:05 +0000 (23:38 +0200)]

5 years ago - sha/asm/sha*-mb-x86_64.pl: commentary update.
Andy Polyakov [Tue, 8 Oct 2013 21:36:55 +0000 (23:36 +0200)]

5 years ago - Constification.
Ben Laurie [Mon, 7 Oct 2013 11:41:43 +0000 (12:41 +0100)]

5 years ago - aes/asm/bsaes-*.pl: improve decrypt performance.
Andy Polyakov [Thu, 3 Oct 2013 21:08:31 +0000 (23:08 +0200)]

Improve decrypt performance by 10-20% depending on platform. Thanks
to Jussi Kivilinna for providing a valuable hint. Also thanks to Ard
Biesheuvel.

5 years ago - Support new asm files.
Ben Laurie [Thu, 3 Oct 2013 10:36:43 +0000 (11:36 +0100)]

5 years ago - evp/e_des3.c: fix typo with potential integer overflow on 32-bit platforms.
Andy Polyakov [Thu, 3 Oct 2013 08:55:49 +0000 (10:55 +0200)]

Submitted by: Yuriy Kaminskiy

5 years ago - perlasm/sparcv9_modes.pl: make it work even with seasoned perl.
Andy Polyakov [Thu, 3 Oct 2013 08:42:11 +0000 (10:42 +0200)]

PR: 3130

5 years ago - bn/asm/x86_64-mont*.pl: add MULX/ADCX/ADOX code path.
Andy Polyakov [Wed, 2 Oct 2013 22:45:04 +0000 (00:45 +0200)]

5 years ago - rsaz-x86_64.pl: add MULX/ADCX/ADOX code path.
Andy Polyakov [Wed, 2 Oct 2013 22:30:12 +0000 (00:30 +0200)]

5 years ago - x86_64-xlate.pl: fix jrcxz in nasm case.
Andy Polyakov [Wed, 2 Oct 2013 22:26:09 +0000 (00:26 +0200)]

5 years ago - evp/e_aes_cbc_hmac_sha*.c: multi-block glue code.
Andy Polyakov [Wed, 2 Oct 2013 22:24:03 +0000 (00:24 +0200)]

5 years ago - Configure: take multi-block modules into build loop.
Andy Polyakov [Wed, 2 Oct 2013 22:21:10 +0000 (00:21 +0200)]

5 years ago - x86_64 assembly pack: add multi-block AES-NI, SHA1 and SHA256.
Andy Polyakov [Wed, 2 Oct 2013 22:18:58 +0000 (00:18 +0200)]

5 years ago - evp/e_aes_cbc_hmac_sha256.c: enable it on all AES-NI platforms, not only on AVX.
Andy Polyakov [Wed, 2 Oct 2013 22:16:51 +0000 (00:16 +0200)]

5 years ago - aes/asm/*-armv*.pl: compensate for inconsistencies in tool-chains.
Andy Polyakov [Tue, 1 Oct 2013 18:33:06 +0000 (20:33 +0200)]

Suggested by: Ard Biesheuvel

5 years ago - Produce PEM we would consume.
Ben Laurie [Wed, 25 Sep 2013 12:55:06 +0000 (13:55 +0100)]

5 years ago - Show useful errors.
Ben Laurie [Tue, 24 Sep 2013 22:13:22 +0000 (23:13 +0100)]

Conflicts:
apps/s_server.c

5 years ago - Mix time into the pool to avoid repetition of the Android duplicated PID problem.
Ben Laurie [Fri, 20 Sep 2013 15:52:07 +0000 (16:52 +0100)]

5 years ago - Merge remote-tracking branch 'trevp/pemfix' into trev-pem-fix
Ben Laurie [Fri, 20 Sep 2013 13:39:33 +0000 (14:39 +0100)]

5 years ago - More diagnostics for invalid OIDs.
Ben Laurie [Fri, 20 Sep 2013 13:38:02 +0000 (14:38 +0100)]

5 years ago - aes-armv4.pl, bsaes-armv7.pl: add Linux kernel and Thumb2 support.
Andy Polyakov [Fri, 20 Sep 2013 11:22:57 +0000 (13:22 +0200)]

Submitted by: Ard Biesheuvel

6 years ago - Add functions to set ECDSA_METHOD structure.
Dr. Stephen Henson [Tue, 17 Sep 2013 23:50:15 +0000 (00:50 +0100)]

Add various functions to allocate and set the fields of an ECDSA_METHOD
structure.

6 years ago - Fix error code clashes.
Dr. Stephen Henson [Wed, 18 Sep 2013 00:02:35 +0000 (01:02 +0100)]

6 years ago - DTLS version usage fixes.
Dr. Stephen Henson [Tue, 17 Sep 2013 17:10:37 +0000 (18:10 +0100)]

Make DTLS behave like TLS when negotiating version: record layer has
DTLS 1.0, message version is 1.2.

Tolerate different version numbers if version hasn't been negotiated
yet.

6 years ago - Move change note for SSL_OP_SAFARI_ECDHE_ECDSA_BUG.
Bodo Moeller [Tue, 17 Sep 2013 08:06:34 +0000 (10:06 +0200)]
(This went into 1.0.2 too, so it's not actually a change
between 1.0.x and 1.1.0.)

6 years ago - Move the change note for partial chain verification: this is code from
Bodo Moeller [Tue, 17 Sep 2013 07:48:23 +0000 (09:48 +0200)]
Move the change note for partial chain verification: this is code from
the main branch (http://cvs.openssl.org/chngview?cn=19322) later added
to the 1.0.2 branch (http://cvs.openssl.org/chngview?cn=23113), and
thus not a change "between 1.0.2 and 1.1.0".

6 years ago - Redo deletion of some serverinfo code that supplemental data code mistakenly reinstated.
Trevor Perrin [Sat, 14 Sep 2013 01:31:48 +0000 (18:31 -0700)]

6 years ago - Sync CHANGES and NEWS files.
Bodo Moeller [Mon, 16 Sep 2013 12:55:03 +0000 (14:55 +0200)]

(Various changes from the master branch are now in the 1.0.2 branch too.)

6 years ago - Fix overly lenient comparisons:
Bodo Moeller [Mon, 16 Sep 2013 10:59:21 +0000 (12:59 +0200)]

    - EC_GROUP_cmp shouldn't consider curves equal just because
      the curve name is the same. (They really *should* be the same
      in this case, but there's an EC_GROUP_set_curve_name API,
      which could be misused.)

    - EC_POINT_cmp shouldn't return 0 for ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
      or EC_R_INCOMPATIBLE_OBJECTS errors because in a cmp API, 0 indicates
      equality (not an error).

    Reported by: king cope

6 years ago - crypto/armcap.c: fix typo in rdtsc subroutine.
Andy Polyakov [Sun, 15 Sep 2013 20:07:49 +0000 (22:07 +0200)]

PR: 3125
Submitted by: Kyle McMartin

6 years ago - Add support for Cygwin-x86_64.
Andy Polyakov [Sun, 15 Sep 2013 19:59:25 +0000 (21:59 +0200)]

PR: 3110
Submitted by Corinna Vinschen.

6 years ago - bsaes-armv7.pl: remove partial register operations in CTR subroutine.
Andy Polyakov [Sun, 15 Sep 2013 17:47:51 +0000 (19:47 +0200)]

6 years ago - bsaes-armv7.pl: remove byte order dependency and minor optimization.
Andy Polyakov [Sun, 15 Sep 2013 17:44:43 +0000 (19:44 +0200)]

6 years ago - Added support for ARM/NEON based bit sliced AES in XTS mode
Ard Biesheuvel [Mon, 5 Aug 2013 11:52:46 +0000 (13:52 +0200)]

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

6 years ago - Update docs to mention "BEGIN SERVERINFO FOR ".
Trevor Perrin [Sat, 14 Sep 2013 02:48:09 +0000 (19:48 -0700)]

6 years ago - Require ServerInfo PEMs to be named "BEGIN SERVERINFO FOR"...
Trevor Perrin [Sat, 14 Sep 2013 02:32:55 +0000 (19:32 -0700)]

6 years ago - Redo deletion of some serverinfo code that supplemental data code mistakenly reinstated.
Trevor Perrin [Sat, 14 Sep 2013 01:31:48 +0000 (18:31 -0700)]

6 years ago - Update CHANGES.
Rob Stradling [Thu, 12 Sep 2013 21:12:21 +0000 (22:12 +0100)]

6 years ago - Tidy up comments.
Rob Stradling [Tue, 10 Sep 2013 11:25:57 +0000 (12:25 +0100)]

6 years ago - Use TLS version supplied by client when fingerprinting Safari.
Rob Stradling [Tue, 10 Sep 2013 11:21:27 +0000 (12:21 +0100)]

6 years ago - Fix compilation with no-ec and/or no-tlsext.
Rob Stradling [Tue, 10 Sep 2013 11:20:29 +0000 (12:20 +0100)]

6 years ago - typo
Mat [Tue, 13 Aug 2013 12:45:39 +0000 (14:45 +0200)]

6 years ago - Initialize next_proto in s_server - resolves incorrect attempts to free
Scott Deboy [Thu, 12 Sep 2013 00:22:00 +0000 (17:22 -0700)]

6 years ago - Constification.
Ben Laurie [Tue, 10 Sep 2013 16:58:44 +0000 (17:58 +0100)]

6 years ago - crypto/modes/asm/aesni-gcm-x86_64.pl: minor optimization.
Andy Polyakov [Mon, 9 Sep 2013 19:43:21 +0000 (21:43 +0200)]

Avoid occasional performance drops of up to 8%.

6 years ago - crypto/bn/asm/x86_64-mont.pl: minor optimization.
Andy Polyakov [Mon, 9 Sep 2013 19:40:33 +0000 (21:40 +0200)]

6 years ago - Remove ancient PATENTS section and FAQ reference.
Dr. Stephen Henson [Sun, 8 Sep 2013 20:22:57 +0000 (21:22 +0100)]

6 years ago - Partial path fix.
Dr. Stephen Henson [Sun, 8 Sep 2013 18:26:59 +0000 (19:26 +0100)]

When verifying a partial path always check to see if the EE certificate
is explicitly trusted: the path could contain other untrusted certificates.

6 years ago - Document extension clash.
Dr. Stephen Henson [Sun, 8 Sep 2013 14:07:44 +0000 (15:07 +0100)]

6 years ago - Experimental encrypt-then-mac support.
Dr. Stephen Henson [Fri, 22 Mar 2013 17:12:33 +0000 (17:12 +0000)]

Experimental support for encrypt then mac from
draft-gutmann-tls-encrypt-then-mac-02.txt

To enable it set the appropriate extension number (0x10 for the test server)
using e.g. -DTLSEXT_TYPE_encrypt_then_mac=0x10

For non-compliant peers (i.e. just about everything) this should have no
effect.

6 years ago - Set TLS v1.2 disabled mask properly.
Dr. Stephen Henson [Sat, 7 Sep 2013 23:09:39 +0000 (00:09 +0100)]

6 years ago - Const fix.
Ben Laurie [Fri, 6 Sep 2013 13:03:28 +0000 (14:03 +0100)]

6 years ago - Free generated supp data after handshake completion, add comment regarding use of num_renegotiations in TLS and supp data generation callbacks
Scott Deboy [Thu, 1 Aug 2013 18:54:09 +0000 (11:54 -0700)]

6 years ago - More cleanup.
Ben Laurie [Thu, 1 Aug 2013 11:33:15 +0000 (12:33 +0100)]

6 years ago - Make it build.
Ben Laurie [Thu, 1 Aug 2013 10:14:23 +0000 (11:14 +0100)]

6 years ago - Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions)
Scott Deboy [Tue, 18 Jun 2013 21:34:38 +0000 (14:34 -0700)]
Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API
Tests exercising the new supplemental data registration and callback api can be found in ssltest.c.
Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation.

6 years ago - s/recommend/recommended/
Ben Laurie [Thu, 5 Sep 2013 20:43:50 +0000 (21:43 +0100)]

6 years ago - misspellings fixes by https://github.com/vlajos/misspell_fixer
Veres Lajos [Wed, 12 Jun 2013 23:22:32 +0000 (00:22 +0100)]

6 years ago - Clean up layout.
Ben Laurie [Thu, 5 Sep 2013 16:28:05 +0000 (17:28 +0100)]

6 years ago - Add an "-xmpphost" option to s_client
Carlos Alberto Lopez Perez [Mon, 6 Aug 2012 00:24:51 +0000 (02:24 +0200)]

 * Many XMPP servers are configured with multiple domains (virtual hosts)
 * In order to establish the TLS connection successfully you have to specify
   which virtual host you are trying to connect to.
 * Test this, for example with ::
   * Fail:
       openssl s_client -connect talk.google.com:5222 -starttls xmpp
   * Works:
       openssl s_client -connect talk.google.com:5222 -starttls xmpp -xmpphost gmail.com

6 years ago - Add "xmpp" to the list of supported starttls protocols on s_client manpage
Carlos Alberto Lopez Perez [Mon, 6 Aug 2012 00:12:40 +0000 (02:12 +0200)]

6 years ago - Fix infinite loop on s_client starttls xmpp
Carlos Alberto Lopez Perez [Mon, 6 Aug 2012 00:00:07 +0000 (02:00 +0200)]

 * When the host used in "-connect" is not what the remote XMPP server expects
   the server will return an error like this:
     <stream:error>
       <host-unknown xmlns='urn:ietf:params:xml:ns:xmpp-streams'/>
     </stream:error>
 * But the actual code will stay in the loop forever because the stop condition
   "/stream:features>" will never happen.
 * Make this more robust: the stop condition should be that BIO_read failed.
 * Test it, for example, with ::

    openssl s_client  -connect random.jabb3r.net:5222 -starttls xmpp

6 years ago - Fix XMPP code detection on s_client starttls xmpp
Carlos Alberto Lopez Perez [Sun, 5 Aug 2012 23:45:51 +0000 (01:45 +0200)]

 * Some XMPP Servers (OpenFire) use double quotes.
 * This makes s_client starttls work with these servers.
 * Tested with OpenFire servers from http://xmpp.net/ ::

     openssl s_client -connect coderollers.com:5222 -starttls xmpp

6 years ago - Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X.
Rob Stradling [Thu, 5 Sep 2013 12:09:03 +0000 (13:09 +0100)]
OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.

6 years ago - Document supported curve functions.
Dr. Stephen Henson [Tue, 3 Sep 2013 14:42:40 +0000 (15:42 +0100)]

6 years ago - Document -force_pubkey option.
Dr. Stephen Henson [Wed, 21 Aug 2013 12:39:27 +0000 (13:39 +0100)]

6 years ago - Correct ECDSA example.
Dr. Stephen Henson [Tue, 20 Aug 2013 15:33:02 +0000 (16:33 +0100)]

6 years ago - Correctly test for no-ec.
Ben Laurie [Wed, 21 Aug 2013 03:21:57 +0000 (04:21 +0100)]

6 years ago - Fix compile errors.
Ben Laurie [Wed, 21 Aug 2013 03:21:42 +0000 (04:21 +0100)]

6 years ago - Typo: don't call RAND_cleanup during app startup.
Dr. Stephen Henson [Wed, 12 Jun 2013 20:16:31 +0000 (21:16 +0100)]
(cherry picked from commit 90e7f983b573c3f3c722a02db4491a1b1cd87e8c)

6 years ago - Add documentation.
Dr. Stephen Henson [Fri, 16 Aug 2013 17:11:29 +0000 (18:11 +0100)]

Preliminary documentation for chain and verify stores and certificate chain
setting functions.

6 years ago - Don't run ECDH CMS tests if EC disabled.
Dr. Stephen Henson [Sat, 17 Aug 2013 16:39:48 +0000 (17:39 +0100)]

6 years ago - Make no-ec compilation work.
Dr. Stephen Henson [Sat, 17 Aug 2013 16:40:08 +0000 (17:40 +0100)]

6 years ago - Return 1 when setting ECDH auto mode.
Dr. Stephen Henson [Sat, 17 Aug 2013 13:21:54 +0000 (14:21 +0100)]

6 years ago - Add the server 'hang' issue to the FAQ
Dr. Stephen Henson [Wed, 14 Aug 2013 15:34:17 +0000 (16:34 +0100)]

6 years ago - DTLS message_sequence number wrong in rehandshake ServerHello
Michael Tuexen [Tue, 13 Aug 2013 17:53:19 +0000 (18:53 +0100)]

This fix ensures that
* A HelloRequest is retransmitted if it is not responded to by a ClientHello
* The HelloRequest "consumes" the sequence number 0. The subsequent
ServerHello uses the sequence number 1.
* The client also expects the sequence number of the ServerHello to
be 1 if a HelloRequest was received earlier.
This patch fixes the RFC violation.

6 years ago - DTLS handshake fix.
Michael Tuexen [Thu, 8 Aug 2013 12:28:55 +0000 (13:28 +0100)]

Reported by: Prashant Jaikumar <rmstar@gmail.com>

Fix handling of application data received before a handshake.

6 years ago - Fix for PEM_X509_INFO_read_bio.
Kaspar Brand [Tue, 6 Aug 2013 15:01:47 +0000 (16:01 +0100)]

PR: 3028
Fix bug introduced in PEM_X509_INFO_bio which wouldn't process RSA keys
correctly if they appeared first.

6 years ago - Update cms docs.
Dr. Stephen Henson [Mon, 5 Aug 2013 14:56:01 +0000 (15:56 +0100)]

6 years ago - Add X9.42 DH test.
Dr. Stephen Henson [Fri, 2 Aug 2013 14:57:54 +0000 (15:57 +0100)]

6 years ago - Add X9.42 DH certificate to S/MIME test
Dr. Stephen Henson [Fri, 2 Aug 2013 14:51:46 +0000 (15:51 +0100)]

6 years ago - CMS RFC2631 X9.42 DH enveloped data support.
Dr. Stephen Henson [Sat, 20 Jul 2013 20:31:10 +0000 (21:31 +0100)]

6 years ago - Add KDF for DH.
Dr. Stephen Henson [Tue, 30 Jul 2013 17:05:08 +0000 (18:05 +0100)]

Add X9.42 DH KDF. Move sharedinfo generation code to CMS library as the
same structure is used by DH and ECDH.

Move ASN1_OBJECT typedef to ossl_typ.h so it can be picked up by dh headers
without the need to use ASN1.

6 years ago - Extend DH parameter generation support.
Dr. Stephen Henson [Wed, 31 Jul 2013 17:10:16 +0000 (18:10 +0100)]

Add support for DH parameter generation using DSA methods including
FIPS 186-3.

6 years ago - Enhance DH dup functions.
Dr. Stephen Henson [Sat, 20 Jul 2013 20:25:50 +0000 (21:25 +0100)]

Make DHparams_dup work properly with X9.42 DH parameters.

6 years ago - If present print j, seed and counter values for DH
Dr. Stephen Henson [Fri, 2 Aug 2013 13:40:00 +0000 (14:40 +0100)]

6 years ago - Minor optimisation to KDF algorithm.
Dr. Stephen Henson [Thu, 1 Aug 2013 14:48:44 +0000 (15:48 +0100)]

Don't need to use temporary buffer if remaining length equals digest length.

6 years ago - Algorithm parameter support.
Dr. Stephen Henson [Mon, 5 Aug 2013 14:40:50 +0000 (15:40 +0100)]

Check and set AlgorithmIdentifier parameters for key wrap algorithms.
Currently these just set parameters to NULL.

6 years ago - crypto/evp/e_aes.c: fix logical pre-processor bug and formatting.
Andy Polyakov [Sat, 3 Aug 2013 14:56:58 +0000 (16:56 +0200)]

Bug would emerge when XTS is added to bsaes-armv7.pl. Pointed out by
Ard Biesheuvel of Linaro.

6 years ago - crypto/bn/asm/rsax-x86_64.pl: make it work on Darwin.
Andy Polyakov [Sat, 3 Aug 2013 14:28:50 +0000 (16:28 +0200)]

6 years ago - crypto/sha/asm/sha*-x86_64.pl: comply with Win64 ABI.
Andy Polyakov [Wed, 31 Jul 2013 21:50:15 +0000 (23:50 +0200)]

6 years ago - Various custom extension fixes.
Trevor Perrin [Sun, 28 Jul 2013 06:10:14 +0000 (23:10 -0700)]

Force no SSL2 when custom extensions in use.
Don't clear extension state when cert is set.
Clear on renegotiate.