openssl.git
6 years agoMerge branch 'OpenSSL_1_0_2-stable' of openssl.net:openssl into OpenSSL_1_0_2-stable
Bodo Moeller [Tue, 17 Sep 2013 07:59:14 +0000 (09:59 +0200)]
Merge branch 'OpenSSL_1_0_2-stable' of openssl.net:openssl into OpenSSL_1_0_2-stable

6 years agoSync with version from master.
Bodo Moeller [Tue, 17 Sep 2013 07:55:27 +0000 (09:55 +0200)]
Sync with version from master.

6 years agoVarious custom extension fixes.
Trevor Perrin [Sun, 28 Jul 2013 06:10:14 +0000 (23:10 -0700)]
Various custom extension fixes.

Force no SSL2 when custom extensions in use.
Don't clear extension state when cert is set.
Clear on renegotiate.

Conflicts:
ssl/t1_lib.c

6 years agoUpdate CHANGES.
Rob Stradling [Thu, 12 Sep 2013 21:08:07 +0000 (22:08 +0100)]
Update CHANGES.

6 years agoTidy up comments.
Rob Stradling [Tue, 10 Sep 2013 10:50:05 +0000 (11:50 +0100)]
Tidy up comments.

6 years agoUse TLS version supplied by client when fingerprinting Safari.
Rob Stradling [Tue, 10 Sep 2013 10:46:42 +0000 (11:46 +0100)]
Use TLS version supplied by client when fingerprinting Safari.

6 years agoFix compilation with no-ec and/or no-tlsext.
Rob Stradling [Tue, 10 Sep 2013 10:45:37 +0000 (11:45 +0100)]
Fix compilation with no-ec and/or no-tlsext.

6 years agoDon't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X.
Rob Stradling [Mon, 9 Sep 2013 09:44:29 +0000 (10:44 +0100)]
Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X.
OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.

6 years agoSync CHANGES and NEWS files.
Bodo Moeller [Mon, 16 Sep 2013 12:54:34 +0000 (14:54 +0200)]
Sync CHANGES and NEWS files.

6 years agoMerge branch 'OpenSSL_1_0_2-stable' of /usr/local/google/home/bmoeller/openssl/openss...
Bodo Moeller [Mon, 16 Sep 2013 12:51:10 +0000 (14:51 +0200)]
Merge branch 'OpenSSL_1_0_2-stable' of /usr/local/google/home/bmoeller/openssl/openssl into OpenSSL_1_0_2-stable

6 years ago Fix overly lenient comparisons:
Bodo Moeller [Mon, 16 Sep 2013 11:03:27 +0000 (13:03 +0200)]
Fix overly lenient comparisons:

    - EC_GROUP_cmp shouldn't consider curves equal just because
      the curve name is the same. (They really *should* be the same
      in this case, but there's an EC_GROUP_set_curve_name API,
      which could be misused.)

    - EC_POINT_cmp shouldn't return 0 for ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
      or EC_R_INCOMPATIBLE_OBJECTS errors because in a cmp API, 0 indicates
      equality (not an error).

    Reported by: king cope

(cherry picked from commit 312a46791ab465cfa3bf26764361faed0e5df014)

6 years ago Fix overly lenient comparisons:
Bodo Moeller [Mon, 16 Sep 2013 11:03:27 +0000 (13:03 +0200)]
Fix overly lenient comparisons:

    - EC_GROUP_cmp shouldn't consider curves equal just because
      the curve name is the same. (They really *should* be the same
      in this case, but there's an EC_GROUP_set_curve_name API,
      which could be misused.)

    - EC_POINT_cmp shouldn't return 0 for ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
      or EC_R_INCOMPATIBLE_OBJECTS errors because in a cmp API, 0 indicates
      equality (not an error).

    Reported by: king cope

(cherry picked from commit 312a46791ab465cfa3bf26764361faed0e5df014)

6 years agoExtend OPENSSL_ia32cap_P (backport from HEAD).
Andy Polyakov [Sun, 15 Sep 2013 20:13:54 +0000 (22:13 +0200)]
Extend OPENSSL_ia32cap_P (backport from HEAD).

6 years agocrypto/armcap.c: fix typo in rdtsc subroutine.
Andy Polyakov [Sun, 15 Sep 2013 20:07:49 +0000 (22:07 +0200)]
crypto/armcap.c: fix typo in rdtsc subroutine.

PR: 3125
Submitted by: Kyle McMartin
(cherry picked from commit 8e52a9063a8a016bdac780005256994d26f9c2f9)

6 years agoadd -badsig option to corrupt CRL signatures for testing too
Dr. Stephen Henson [Sun, 2 Dec 2012 16:48:25 +0000 (16:48 +0000)]
add -badsig option to corrupt CRL signatures for testing too
(cherry picked from commit 139cd16cc58330840890f914c318f00de6bfd831)

6 years agoAdd missing code from SSL_CONF backport.
Dr. Stephen Henson [Fri, 13 Sep 2013 15:19:15 +0000 (16:19 +0100)]
Add missing code from SSL_CONF backport.

6 years agoConstification.
Ben Laurie [Tue, 10 Sep 2013 16:58:44 +0000 (17:58 +0100)]
Constification.

6 years agocrypto/modes/asm/aesni-gcm-x86_64.pl: minor optimization.
Andy Polyakov [Mon, 9 Sep 2013 19:43:21 +0000 (21:43 +0200)]
crypto/modes/asm/aesni-gcm-x86_64.pl: minor optimization.

Avoid occasional up to 8% performance drops.
(cherry picked from commit 7a1a12232a84621271bf808107f3be9a2df5121a)

6 years agocrypto/bn/asm/x86_64-mont.pl: minor optimization.
Andy Polyakov [Mon, 9 Sep 2013 19:40:33 +0000 (21:40 +0200)]
crypto/bn/asm/x86_64-mont.pl: minor optimization.
(cherry picked from commit 72a158703bf2b33f4eba6920302941560f7a848d)

6 years agoRevert "x86cpuid.pl: fix extended feature flags detection."
Andy Polyakov [Mon, 9 Sep 2013 19:35:15 +0000 (21:35 +0200)]
Revert "x86cpuid.pl: fix extended feature flags detection."

This reverts commit 514f1a783515e9beb73b759a483c078813cf8ba0.

6 years agoRemove ancient PATENTS section and FAQ reference.
Dr. Stephen Henson [Sun, 8 Sep 2013 20:22:57 +0000 (21:22 +0100)]
Remove ancient PATENTS section and FAQ reference.
(cherry picked from commit ce4555967ec0fa7c0b9c15823be52dc23fd09a40)

6 years agoPartial path fix.
Dr. Stephen Henson [Sun, 8 Sep 2013 18:26:59 +0000 (19:26 +0100)]
Partial path fix.

When verifying a partial path always check to see if the EE certificate
is explicitly trusted: the path could contain other untrusted certificates.
(cherry picked from commit 52073b76753815ef1dcc3ab3f9dba75803f717f4)

6 years agoDocument supported curve functions.
Dr. Stephen Henson [Tue, 3 Sep 2013 14:42:40 +0000 (15:42 +0100)]
Document supported curve functions.
(cherry picked from commit c3eb33763bf2999843fe4124f3f39dea6edc26e6)

6 years agoDocument -force_pubkey option.
Dr. Stephen Henson [Wed, 21 Aug 2013 12:39:27 +0000 (13:39 +0100)]
Document -force_pubkey option.
(cherry picked from commit b093a06866bf632a97a9a0286e2d08f69c3cf7dd)

6 years agoCorrect ECDSA example.
Dr. Stephen Henson [Tue, 20 Aug 2013 15:33:02 +0000 (16:33 +0100)]
Correct ECDSA example.
(cherry picked from commit 3a918ea2bbf4175d9461f81be1403d3781b2c0dc)

6 years agofix printout of expiry days if -enddate is used in ca
Dr. Stephen Henson [Tue, 20 Nov 2012 15:22:15 +0000 (15:22 +0000)]
fix printout of expiry days if -enddate is used in ca
(cherry picked from commit f7ac0ec89d0daefdea2956c55c17f1246e81c0a6)

6 years agoTime difference functions.
Dr. Stephen Henson [Mon, 19 Nov 2012 15:12:07 +0000 (15:12 +0000)]
Time difference functions.

Backport of ASN1_TIME_diff and OPENSSL_gmtime_diff functions from master
branch.

6 years agonew command line option -stdname to ciphers utility
Dr. Stephen Henson [Fri, 16 Nov 2012 00:35:46 +0000 (00:35 +0000)]
new command line option -stdname to ciphers utility
(cherry picked from commit 51b9115b6dcaf94718de3c8b4d97b00f8cd63cd5)

6 years agoAdd new test option set the version in generated certificates: this
Dr. Stephen Henson [Fri, 30 Nov 2012 19:24:13 +0000 (19:24 +0000)]
Add new test option set the version in generated certificates: this
is needed to test some profiles/protocols which reject certificates
with unsupported versions.
(cherry picked from commit df316fd43c5b1e063b84279f245087a578b67e9b)

6 years agooption to output corrupted signature in certificates for testing purposes
Dr. Stephen Henson [Sun, 25 Nov 2012 22:29:52 +0000 (22:29 +0000)]
option to output corrupted signature in certificates for testing purposes
(cherry picked from commit 96cfba0fb46a392697295eb6c1350e3110411a75)

6 years agoupdate usage messages
Dr. Stephen Henson [Mon, 19 Nov 2012 23:20:40 +0000 (23:20 +0000)]
update usage messages
(cherry picked from commit 7c8ac5050473ec938f2c2e3e5c9063d680be36a1)

6 years agoadd -naccept <n> option to s_server to automatically exit after <n> connections
Dr. Stephen Henson [Sun, 18 Nov 2012 15:45:16 +0000 (15:45 +0000)]
add -naccept <n> option to s_server to automatically exit after <n> connections
(cherry picked from commit b5cadfb564a604c0ba1c49984ac796cfd8310731)

6 years agowith -rev close connection if client sends "CLOSE"
Dr. Stephen Henson [Mon, 19 Nov 2012 23:41:24 +0000 (23:41 +0000)]
with -rev close connection if client sends "CLOSE"
(cherry picked from commit 685755937a4f9f8b16f8953f631e14808f785c39)

6 years agoAdd simple external session cache to s_server. This serialises sessions
Dr. Stephen Henson [Mon, 19 Aug 2013 12:46:36 +0000 (13:46 +0100)]
Add simple external session cache to s_server. This serialises sessions
just like a "real" server making it easier to trace any problems.

(manually applied from commit 35b0ea4efe24dee3194964588655d1a3187c6e63)

6 years agoRemove commented out debug line.
Dr. Stephen Henson [Mon, 19 Aug 2013 12:30:00 +0000 (13:30 +0100)]
Remove commented out debug line.

6 years agoMake no-ec compilation work.
Dr. Stephen Henson [Sat, 17 Aug 2013 16:40:08 +0000 (17:40 +0100)]
Make no-ec compilation work.

(cherry picked from commit 14536c8c9c0abb894afcadb9a58b4b29fc8f7a4d)

6 years agoAdd -rev test option to s_server to just reverse order of characters received
Dr. Stephen Henson [Fri, 14 Sep 2012 13:27:05 +0000 (13:27 +0000)]
Add -rev test option to s_server to just reverse order of characters received
by client and send back to server. Also prints an abbreviated summary of
the connection parameters.
(cherry picked from commit 4f3df8bea2981b1547eaae8704f0207c7766c2fa)

6 years agoAdd -brief option to s_client and s_server to summarise connection details.
Dr. Stephen Henson [Mon, 19 Aug 2013 11:36:50 +0000 (12:36 +0100)]
Add -brief option to s_client and s_server to summarise connection details.

New option -verify_quiet to shut up the verify callback unless there is
an error.

(manually applied from commit 2a7cbe77b3abb244c2211d22d7aa3416b97c9342)

6 years agoAdd documentation.
Dr. Stephen Henson [Fri, 16 Aug 2013 17:11:29 +0000 (18:11 +0100)]
Add documentation.

Preliminary documentation for chain and verify stores and certificate chain
setting functions.
(cherry picked from commit eeb15452a053c14305210522be0e7313cb763bac)

6 years agoReturn 1 when setting ECDH auto mode.
Dr. Stephen Henson [Sat, 17 Aug 2013 13:21:54 +0000 (14:21 +0100)]
Return 1 when setting ECDH auto mode.
(cherry picked from commit 42082eda6f3d64ce87184d65c4eae06d677e971c)

6 years agoDTLS message_sequence number wrong in rehandshake ServerHello
Michael Tuexen [Tue, 13 Aug 2013 17:53:19 +0000 (18:53 +0100)]
DTLS message_sequence number wrong in rehandshake ServerHello

This fix ensures that
* A HelloRequest is retransmitted if not responded by a ClientHello
* The HelloRequest "consumes" the sequence number 0. The subsequent
ServerHello uses the sequence number 1.
* The client also expects the sequence number of the ServerHello to
be 1 if a HelloRequest was received earlier.
This patch fixes the RFC violation.
(cherry picked from commit b62f4daac00303280361924b9cc19b3e27528b15)

6 years agoDTLS handshake fix.
Michael Tuexen [Thu, 8 Aug 2013 12:28:55 +0000 (13:28 +0100)]
DTLS handshake fix.

Reported by: Prashant Jaikumar <rmstar@gmail.com>

Fix handling of application data received before a handshake.
(cherry picked from commit 0c75eeacd3285b395dc75b65c3e6fe6ffbef59f0)

6 years agoFix verify loop with CRL checking.
Dr. Stephen Henson [Fri, 12 Jul 2013 16:35:08 +0000 (17:35 +0100)]
Fix verify loop with CRL checking.

PR #3090
Reported by: Franck Youssef <fry@open.ch>

If no new reason codes are obtained after checking a CRL exit with an
error to avoid repeatedly checking the same CRL.

This will only happen if verify errors such as invalid CRL scope are
overridden in a callback.
(cherry picked from commit 4b26645c1a71cf9ce489e4f79fc836760b670ffe)

6 years agoFix for PEM_X509_INFO_read_bio.
Kaspar Brand [Tue, 6 Aug 2013 15:01:47 +0000 (16:01 +0100)]
Fix for PEM_X509_INFO_read_bio.

PR: 3028
Fix bug introduced in PEM_X509_INFO_bio which wouldn't process RSA keys
correctly if they appeared first.
(cherry picked from commit 5ae8d6bcbaff99423a2608559d738a3fcf7ed6dc)

6 years agocrypto/evp/e_aes.c: fix logical pre-processor bug and formatting.
Andy Polyakov [Sat, 3 Aug 2013 14:56:58 +0000 (16:56 +0200)]
crypto/evp/e_aes.c: fix logical pre-processor bug and formatting.

Bug would emerge when XTS is added to bsaes-armv7.pl. Pointed out by
Ard Biesheuvel of Linaro.
(cherry picked from commit 044f63086051d7542fa9485a1432498c39c4d8fa)

6 years agocrypto/bn/asm/rsax-x86_64.pl: make it work on Darwin.
Andy Polyakov [Sat, 3 Aug 2013 14:28:50 +0000 (16:28 +0200)]
crypto/bn/asm/rsax-x86_64.pl: make it work on Darwin.
(cherry picked from commit fd8ad019e194f54fbc651897c1b3b4cc1898c6c4)

6 years agocrypto/sha/asm/sha*-x86_64.pl: comply with Win64 ABI.
Andy Polyakov [Wed, 31 Jul 2013 21:50:15 +0000 (23:50 +0200)]
crypto/sha/asm/sha*-x86_64.pl: comply with Win64 ABI.
(cherry picked from commit 006784378db1a8957fcf587ee1deaa5cf2ae76c7)

6 years agoCosmetic touchups.
Trevor [Mon, 24 Jun 2013 22:59:05 +0000 (15:59 -0700)]
Cosmetic touchups.

6 years agoSupport new rsaz asm stuff.
Ben Laurie [Fri, 12 Jul 2013 11:48:24 +0000 (12:48 +0100)]
Support new rsaz asm stuff.

6 years agobn/asm/rsaz-avx2.pl: Windows-specific fix.
Andy Polyakov [Fri, 12 Jul 2013 16:59:17 +0000 (18:59 +0200)]
bn/asm/rsaz-avx2.pl: Windows-specific fix.
(cherry picked from commit 5c57c69f9ebcc933161a24d77f87f17011c9977b)

6 years agos/rsaz_eligible/rsaz_avx2_eligible/.
Ben Laurie [Fri, 12 Jul 2013 11:47:39 +0000 (12:47 +0100)]
s/rsaz_eligible/rsaz_avx2_eligible/.
(cherry picked from commit 852f837f5ee81f2633ddf753fa3a30661ad3835a)

6 years agosha512-586.pl: fix typo.
Andy Polyakov [Wed, 10 Jul 2013 07:59:25 +0000 (09:59 +0200)]
sha512-586.pl: fix typo.

Submitted by: Gisle Vanem
(cherry picked from commit 241fba4ea9772662e55577de996273cdb272e611)

6 years agoRemove RSAX engine, superseded by RSAZ module.
Andy Polyakov [Fri, 5 Jul 2013 20:11:28 +0000 (22:11 +0200)]
Remove RSAX engine, superseded by RSAZ module.
(cherry picked from commit f5b132d652e47af3cde3293d54c1bd028d00758d)

Conflicts [resloved]:

Configure

6 years agoTake RSAZ modules into build loop, add glue and engage.
Andy Polyakov [Fri, 5 Jul 2013 19:39:47 +0000 (21:39 +0200)]
Take RSAZ modules into build loop, add glue and engage.

RT: 2582, 2850
(cherry picked from commit ca48ace5c52feb0082954fff00a44e1914b9e7e9)

Conflicts:

Configure

6 years agoAdd RSAZ assembly modules.
Andy Polyakov [Fri, 5 Jul 2013 19:30:18 +0000 (21:30 +0200)]
Add RSAZ assembly modules.

RT: 2582, 2850
(cherry picked from commit 0b4bb91db65697ab6d3a0fc05b140887cbce3080)

6 years agobn/asm/x86_86-mont.pl: optimize reduction for Intel Core family.
Andy Polyakov [Fri, 5 Jul 2013 19:10:56 +0000 (21:10 +0200)]
bn/asm/x86_86-mont.pl: optimize reduction for Intel Core family.
(cherry picked from commit 26e43b48a3fa72fc5d7f3aa849af3d7917deea9d)

6 years agobn/bn_exp.c: harmonize.
Andy Polyakov [Fri, 5 Jul 2013 18:52:58 +0000 (20:52 +0200)]
bn/bn_exp.c: harmonize.
(cherry picked from commit cbce8c4644fa8dfa72e62a2aa921a74eee6d62c9)

6 years agoTrying cherrypick:
Trevor [Mon, 13 May 2013 01:55:27 +0000 (18:55 -0700)]
Trying cherrypick:

Add support for arbitrary TLS extensions.

Contributed by Trevor Perrin.

Conflicts:

CHANGES
ssl/ssl.h
ssl/ssltest.c
test/testssl

Fix compilation due to #endif.

Cherrypicking more stuff.

Cleanup of custom extension stuff.

serverinfo rejects non-empty extensions.

Omit extension if no relevant serverinfo data.

Improve error-handling in serverinfo callback.

Cosmetic cleanups.

s_client documentation.

s_server documentation.

SSL_CTX_serverinfo documentation.

Cleaup -1 and NULL callback handling for custom extensions, add tests.

Cleanup ssl_rsa.c serverinfo code.

Whitespace cleanup.

Improve comments in ssl.h for serverinfo.

Whitespace.

Cosmetic cleanup.

Reject non-zero-len serverinfo extensions.

Whitespace.

Make it build.

Conflicts:

test/testssl

6 years agoconfig: fix executable format detection on latest FreeBSD.
Andy Polyakov [Sun, 30 Jun 2013 21:55:55 +0000 (23:55 +0200)]
config: fix executable format detection on latest FreeBSD.

Submitted by: Bryan Drewery
PR: 3075
(cherry picked from commit c256e69d3f3acd0794ae9c1f353f4093bd4c8878)

6 years agobn/bn_exp.c: Solaris-specific fix, T4 MONTMUL relies on alloca.
Andy Polyakov [Sun, 30 Jun 2013 21:09:09 +0000 (23:09 +0200)]
bn/bn_exp.c: Solaris-specific fix, T4 MONTMUL relies on alloca.
(cherry picked from commit b74ce8d9489b319c0d097ff116b5a0bdb634462d)

6 years agox86_64-xlate.pl: Windows fixes.
Andy Polyakov [Sun, 30 Jun 2013 21:07:33 +0000 (23:07 +0200)]
x86_64-xlate.pl: Windows fixes.
(cherry picked from commit a9d14832fd98cb0c13b53fddea39765fb259358c)

6 years agoaesni-sha256-x86_64.pl: fix typo in Windows SEH.
Andy Polyakov [Sun, 30 Jun 2013 21:06:28 +0000 (23:06 +0200)]
aesni-sha256-x86_64.pl: fix typo in Windows SEH.
(cherry picked from commit 42386fdb62176ed3af237dd3e802ba9b8c0d4def)

6 years agoPA-RISC assembler pack: switch to bve in 64-bit builds.
Andy Polyakov [Tue, 18 Jun 2013 08:37:00 +0000 (10:37 +0200)]
PA-RISC assembler pack: switch to bve in 64-bit builds.

PR: 3074
(cherry picked from commit 02450ec69dda7815ba1e7bd74eb30f0ae1eb3042)

6 years agoSPARC T4 DES support: fix typo.
Andy Polyakov [Tue, 18 Jun 2013 08:42:08 +0000 (10:42 +0200)]
SPARC T4 DES support: fix typo.
(cherry picked from commit 8ee3c7e676c5edb1d5fbe0d66b7ce307a4f92899)

6 years agoOptimize SPARC T4 MONTMUL support.
Andy Polyakov [Tue, 18 Jun 2013 08:39:38 +0000 (10:39 +0200)]
Optimize SPARC T4 MONTMUL support.

Improve RSA sing performance by 20-30% by:
- switching from floating-point to integer conditional moves;
- daisy-chaining sqr-sqr-sqr-sqr-sqr-mul sequences;
- using MONTMUL even during powers table setup;
(cherry picked from commit 4ddacd9921f48013b5cd011e4b93b294c14db1c2)

6 years agoBackport single makefile from master.
Ben Laurie [Thu, 13 Jun 2013 14:09:48 +0000 (15:09 +0100)]
Backport single makefile from master.

6 years agoWrong include path.
Ben Laurie [Thu, 13 Jun 2013 12:26:22 +0000 (13:26 +0100)]
Wrong include path.

6 years agoTypo: don't call RAND_cleanup during app startup.
Dr. Stephen Henson [Wed, 12 Jun 2013 20:16:31 +0000 (21:16 +0100)]
Typo: don't call RAND_cleanup during app startup.

6 years agoaesni-sha1-x86_64.pl: update performance data.
Andy Polyakov [Mon, 10 Jun 2013 20:35:22 +0000 (22:35 +0200)]
aesni-sha1-x86_64.pl: update performance data.
(cherry picked from commit 3b848d3401de1892415e46561ae75f06ff65e823)

6 years agoaesni-sha256-x86_64.pl: harmonize with latest sha512-x86_64.pl.
Andy Polyakov [Mon, 10 Jun 2013 20:34:06 +0000 (22:34 +0200)]
aesni-sha256-x86_64.pl: harmonize with latest sha512-x86_64.pl.
(cherry picked from commit 42b9a4177bf9d465ff9ac8d4e1526301d809a87e)

6 years agosha1-x86_64.pl: add AVX2+BMI code path.
Andy Polyakov [Mon, 10 Jun 2013 20:30:34 +0000 (22:30 +0200)]
sha1-x86_64.pl: add AVX2+BMI code path.
(cherry picked from commit cd8d7335afcdef97312e05a9bd29b17a00796f48)

6 years agosha512-x86_64.pl: upcoming-Atom-specific optimization.
Andy Polyakov [Mon, 10 Jun 2013 20:29:01 +0000 (22:29 +0200)]
sha512-x86_64.pl: upcoming-Atom-specific optimization.
(cherry picked from commit c7f690c243f5ad3dccaa6dbb918c92eb39622711)

6 years agosha[256|512]-586.pl: add more SIMD code paths.
Andy Polyakov [Mon, 10 Jun 2013 20:26:53 +0000 (22:26 +0200)]
sha[256|512]-586.pl: add more SIMD code paths.
(cherry picked from commit 32213d8d77e0ce6afc4b19f94c228812d0bf8fd5)

6 years agoghash-x86_64.pl: add Haswell performance data.
Andy Polyakov [Mon, 10 Jun 2013 20:25:12 +0000 (22:25 +0200)]
ghash-x86_64.pl: add Haswell performance data.
(cherry picked from commit b42759158d8b7e5b23c7a24d11bc7f2194f55007)

6 years agox86cpuid.pl: fix extended feature flags detection.
Andy Polyakov [Mon, 10 Jun 2013 20:20:46 +0000 (22:20 +0200)]
x86cpuid.pl: fix extended feature flags detection.
(cherry picked from commit 1bc0b68d7b8c7620487310ed84fa273ba0d9f428)

7 years agoDon't use RC2 with PKCS#12 files in FIPS mode.
Dr. Stephen Henson [Thu, 30 May 2013 20:39:50 +0000 (21:39 +0100)]
Don't use RC2 with PKCS#12 files in FIPS mode.
(cherry picked from commit cdb6c48445ded3daafab32e5f266943d07bb512b)

7 years agoFix PSS signature printing.
Dr. Stephen Henson [Sun, 5 May 2013 12:34:03 +0000 (13:34 +0100)]
Fix PSS signature printing.

Fix PSS signature printing: consistently use 0x prefix for hex values for
padding length and trailer fields.
(cherry picked from commit deb24ad53147f5a8dd63416224a5edd7bbc0e74a)

7 years agoReencode with X509_CRL_ctx_sign too.
Dr. Stephen Henson [Fri, 3 May 2013 11:31:47 +0000 (12:31 +0100)]
Reencode with X509_CRL_ctx_sign too.
(cherry picked from commit 96940f4f2d0300c033379a87db0ff19e598c6264)

7 years agoHeader needed for SOCK_STREAM on FreeBSD.
Ben Laurie [Tue, 4 Jun 2013 15:27:05 +0000 (16:27 +0100)]
Header needed for SOCK_STREAM on FreeBSD.

7 years agoFix missing/incorrect prototype.
Ben Laurie [Tue, 4 Jun 2013 15:17:30 +0000 (16:17 +0100)]
Fix missing/incorrect prototype.

7 years agoMissing prototypes.
Ben Laurie [Tue, 4 Jun 2013 14:14:18 +0000 (15:14 +0100)]
Missing prototypes.

7 years agoRemove added ;.
Ben Laurie [Tue, 4 Jun 2013 14:05:18 +0000 (15:05 +0100)]
Remove added ;.

7 years agocrypto/modes: even more strict aliasing fixes [and fix bug in cbc128.c from
Andy Polyakov [Mon, 5 Nov 2012 17:03:39 +0000 (17:03 +0000)]
crypto/modes: even more strict aliasing fixes [and fix bug in cbc128.c from
previous cbc128.c commit].

7 years agocbc128.c: fix strict aliasing warning.
Andy Polyakov [Mon, 5 Nov 2012 10:04:02 +0000 (10:04 +0000)]
cbc128.c: fix strict aliasing warning.

7 years agocrypto/bn/bn_exp.c: SPARC portability fix.
Andy Polyakov [Sat, 1 Jun 2013 07:58:07 +0000 (09:58 +0200)]
crypto/bn/bn_exp.c: SPARC portability fix.
(cherry picked from commit b69437e1e5cdf9c6dfda17cc238f87f730b198ac)

7 years agoaesni-sha1-x86_64.pl: Atom-specific optimization.
Andy Polyakov [Sat, 25 May 2013 17:08:39 +0000 (19:08 +0200)]
aesni-sha1-x86_64.pl: Atom-specific optimization.
(cherry picked from commit 4df2280b4f4747256a729116fef0f1c2af457522)

7 years agosha512-x86_64.pl: +16% optimization for Atom.
Andy Polyakov [Sat, 25 May 2013 17:02:57 +0000 (19:02 +0200)]
sha512-x86_64.pl: +16% optimization for Atom.

(and pending AVX2 changes).
(cherry picked from commit 504bbcf3cd236353d7e5ef66fc3bfbf5c7935791)

7 years agovpaes-x86[_64].pl: minor Atom-specific optimization.
Andy Polyakov [Sat, 25 May 2013 16:57:03 +0000 (18:57 +0200)]
vpaes-x86[_64].pl: minor Atom-specific optimization.
(cherry picked from commit 988d11b64193da65e7f9bbf436ad2a08d8d57142)

7 years agoevp/e_aes.c: engage SPARC T4 AES support [from master].
Andy Polyakov [Mon, 20 May 2013 14:36:53 +0000 (16:36 +0200)]
evp/e_aes.c: engage SPARC T4 AES support [from master].

7 years agoevp/e_aes.c: engage AES-NI GCM stitch.
Andy Polyakov [Mon, 20 May 2013 14:30:21 +0000 (16:30 +0200)]
evp/e_aes.c: engage AES-NI GCM stitch.

7 years agoevp/evp_err.c: update from master.
Andy Polyakov [Mon, 20 May 2013 14:16:34 +0000 (16:16 +0200)]
evp/evp_err.c: update from master.

7 years agoevp/e_camellia.c: engage SPARC T5 Camellia support [from master].
Andy Polyakov [Mon, 20 May 2013 14:09:13 +0000 (16:09 +0200)]
evp/e_camellia.c: engage SPARC T5 Camellia support [from master].

7 years agoevp/e_des[3].c: engage SPARC T4 DES support.
Andy Polyakov [Mon, 20 May 2013 14:08:39 +0000 (16:08 +0200)]
evp/e_des[3].c: engage SPARC T4 DES support.

7 years agoAdd BN support for SPARC VIS3 and T4 [from master].
Andy Polyakov [Mon, 20 May 2013 13:48:13 +0000 (15:48 +0200)]
Add BN support for SPARC VIS3 and T4 [from master].

7 years agomd5_locl.h: enable assembly support on SPARC [from master].
Andy Polyakov [Sun, 19 May 2013 22:33:09 +0000 (00:33 +0200)]
md5_locl.h: enable assembly support on SPARC [from master].

7 years agosparcv9cap.c: update from master.
Andy Polyakov [Sun, 19 May 2013 22:16:18 +0000 (00:16 +0200)]
sparcv9cap.c: update from master.

7 years agoAdd MD5 SPARC T4 code from master.
Andy Polyakov [Sun, 19 May 2013 22:08:15 +0000 (00:08 +0200)]
Add MD5 SPARC T4 code from master.

7 years agoAdd SHA SPARC T4 code from master.
Andy Polyakov [Sun, 19 May 2013 22:04:38 +0000 (00:04 +0200)]
Add SHA SPARC T4 code from master.

7 years agoAdd Camellia SPARC T4 module from master.
Andy Polyakov [Sun, 19 May 2013 21:58:54 +0000 (23:58 +0200)]
Add Camellia SPARC T4 module from master.

7 years agoAdd AES SPARC T4 module from master.
Andy Polyakov [Sun, 19 May 2013 21:54:34 +0000 (23:54 +0200)]
Add AES SPARC T4 module from master.