openssl.git
14 years ago: Ensure that the addition mods[i]+delta cannot overflow in probable_prime().
Bodo Möller [Mon, 18 Sep 2006 14:00:49 +0000 (14:00 +0000)]
Ensure that the addition mods[i]+delta cannot overflow in probable_prime().

[Problem pointed out by Adam Young <adamy (at) acm.org>]

14 years ago: Overhaul of by_dir code to handle dynamic loading of CRLs.
Dr. Stephen Henson [Sun, 17 Sep 2006 17:16:28 +0000 (17:16 +0000)]
Overhaul of by_dir code to handle dynamic loading of CRLs.

14 years ago: GOST public key algorithm ENGINE donated to OpenSSL by Cryptocom.
Dr. Stephen Henson [Sun, 17 Sep 2006 13:00:18 +0000 (13:00 +0000)]
GOST public key algorithm ENGINE donated to OpenSSL by Cryptocom.

Very early version, doesn't do much yet, not even added to the build system.

14 years ago: Support for AKID in CRLs and partial support for IDP. Overhaul of CRL
Dr. Stephen Henson [Thu, 14 Sep 2006 17:25:02 +0000 (17:25 +0000)]
Support for AKID in CRLs and partial support for IDP. Overhaul of CRL
handling to support this.

14 years ago: Update docs.
Dr. Stephen Henson [Wed, 13 Sep 2006 03:28:42 +0000 (03:28 +0000)]
Update docs.

14 years ago: Update
Bodo Möller [Tue, 12 Sep 2006 14:42:19 +0000 (14:42 +0000)]
Update

14 years ago: Fixes for new CRL/cert callbacks. Update CRL processing code to use new
Dr. Stephen Henson [Mon, 11 Sep 2006 13:00:52 +0000 (13:00 +0000)]
Fixes for new CRL/cert callbacks. Update CRL processing code to use new
callbacks.

14 years ago: ensure that ciphersuite strings such as "RC4-MD5" match the SSL 2.0
Bodo Möller [Mon, 11 Sep 2006 09:49:03 +0000 (09:49 +0000)]
ensure that ciphersuite strings such as "RC4-MD5" match the SSL 2.0
ciphersuite as well

14 years ago: Add verify callback functions to lookup a STACK of matching certs or CRLs
Dr. Stephen Henson [Sun, 10 Sep 2006 12:38:37 +0000 (12:38 +0000)]
Add verify callback functions to lookup a STACK of matching certs or CRLs
based on subject name.

New thread safe functions to retrieve matching STACK from X509_STORE.

Cache some IDP components.

14 years ago: Make sure the int_rsa_verify() prototype matches the implementation
Bodo Möller [Fri, 8 Sep 2006 06:00:40 +0000 (06:00 +0000)]
Make sure the int_rsa_verify() prototype matches the implementation
(m_len currently is 'unsigned int', not 'size_t')

Submitted by: Gisle Vanem

14 years ago: Additional detail.
Dr. Stephen Henson [Wed, 6 Sep 2006 11:59:04 +0000 (11:59 +0000)]
Additional detail.

14 years ago: update information on "current version" ...
Bodo Möller [Wed, 6 Sep 2006 11:54:19 +0000 (11:54 +0000)]
update information on "current version" ...

14 years ago: Add an FAQ.
Dr. Stephen Henson [Wed, 6 Sep 2006 11:53:50 +0000 (11:53 +0000)]
Add an FAQ.

14 years ago: Remove non-functional part of recent patch, after discussion with
Bodo Möller [Wed, 6 Sep 2006 06:43:11 +0000 (06:43 +0000)]
Remove non-functional part of recent patch, after discussion with
Colin Percival (this would have caused more problems than solved,
and isn't really necessary anyway)

14 years ago: Make consistent with 0.9.8-branch version of this file
Bodo Möller [Wed, 6 Sep 2006 06:42:11 +0000 (06:42 +0000)]
Make consistent with 0.9.8-branch version of this file

14 years ago: Every change so far that is in the 0.9.8 branch is (or should be) in HEAD
Bodo Möller [Wed, 6 Sep 2006 06:34:52 +0000 (06:34 +0000)]
Every change so far that is in the 0.9.8 branch is (or should be) in HEAD

14 years ago: Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
Mark J. Cox [Tue, 5 Sep 2006 08:58:03 +0000 (08:58 +0000)]
Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
(CVE-2006-4339)

Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson

14 years ago: Rewrite sha1-586.pl.
Andy Polyakov [Thu, 31 Aug 2006 21:27:30 +0000 (21:27 +0000)]
Rewrite sha1-586.pl.

14 years ago: Fix bug in aes-586.pl.
Andy Polyakov [Thu, 31 Aug 2006 21:15:38 +0000 (21:15 +0000)]
Fix bug in aes-586.pl.

14 years ago: Fix bug in x86unix.pl introduced in latest update.
Andy Polyakov [Thu, 31 Aug 2006 21:12:17 +0000 (21:12 +0000)]
Fix bug in x86unix.pl introduced in latest update.
PR: 1380

14 years ago: Kill more C++ comments.
Dr. Stephen Henson [Thu, 31 Aug 2006 21:01:15 +0000 (21:01 +0000)]
Kill more C++ comments.

14 years ago: Fix C++ style comments, change assert to OPENSSL_assert, stop warning with
Dr. Stephen Henson [Thu, 31 Aug 2006 20:56:20 +0000 (20:56 +0000)]
Fix C++ style comments, change assert to OPENSSL_assert, stop warning with
pedantic mode.

14 years ago: Fix leak
Dr. Stephen Henson [Thu, 31 Aug 2006 20:10:37 +0000 (20:10 +0000)]
Fix leak

14 years ago: Forward port of IGE mode.
Ben Laurie [Thu, 31 Aug 2006 14:04:04 +0000 (14:04 +0000)]
Forward port of IGE mode.

14 years ago: Make things static that should be. Declare stuff in headers that should be.
Ben Laurie [Mon, 28 Aug 2006 17:01:04 +0000 (17:01 +0000)]
Make things static that should be. Declare stuff in headers that should be.
Fix warnings.

14 years ago: According to documentation, including time.h declares select() on
Richard Levitte [Sun, 20 Aug 2006 05:54:35 +0000 (05:54 +0000)]
According to documentation, including time.h declares select() on
OpenVMS, and possibly more.

Ref: http://h71000.www7.hp.com/doc/82final/6529/6529pro_019.html#r_select

14 years ago: Correct warnings about signedness.
Richard Levitte [Sun, 20 Aug 2006 05:18:12 +0000 (05:18 +0000)]
Correct warnings about signedness.

14 years ago: Use gmtime on cygwin
Ulf Möller [Sun, 13 Aug 2006 09:03:38 +0000 (09:03 +0000)]
Use gmtime on cygwin
Submitted by: Corinna Vinschen

14 years ago: +20% tune-up for Power5.
Andy Polyakov [Wed, 9 Aug 2006 15:40:30 +0000 (15:40 +0000)]
+20% tune-up for Power5.

14 years ago: Revised AES_cbc_encrypt in x86 assembler module.
Andy Polyakov [Mon, 7 Aug 2006 09:05:52 +0000 (09:05 +0000)]
Revised AES_cbc_encrypt in x86 assembler module.

14 years ago: Correct punctuation.
Ulf Möller [Sat, 5 Aug 2006 20:45:06 +0000 (20:45 +0000)]
Correct punctuation.
PR: 1367

14 years ago: Aggressively prefetch S-box in SSE codepath, relax alignment requirement,
Andy Polyakov [Wed, 2 Aug 2006 22:38:16 +0000 (22:38 +0000)]
Aggressively prefetch S-box in SSE codepath, relax alignment requirement,
check for SSE bit instead of MMX, as pshufw was introduced in PIII, minor
optimization, typos...

14 years ago: Switch to compact S-box when generating AES key schedule.
Andy Polyakov [Wed, 2 Aug 2006 07:46:56 +0000 (07:46 +0000)]
Switch to compact S-box when generating AES key schedule.

14 years ago: Switch to compact S-box when generating AES key schedule.
Andy Polyakov [Tue, 1 Aug 2006 22:10:39 +0000 (22:10 +0000)]
Switch to compact S-box when generating AES key schedule.

14 years ago: Real Bourne shell doesn't interpret ==, but =.
Andy Polyakov [Tue, 1 Aug 2006 16:12:10 +0000 (16:12 +0000)]
Real Bourne shell doesn't interpret ==, but =.

14 years ago: Engage assembler in solaris64-x86_64-cc.
Andy Polyakov [Mon, 31 Jul 2006 22:28:40 +0000 (22:28 +0000)]
Engage assembler in solaris64-x86_64-cc.

14 years ago: perlasm/x86unix.pl update.
Andy Polyakov [Mon, 31 Jul 2006 22:26:40 +0000 (22:26 +0000)]
perlasm/x86unix.pl update.

14 years ago: Next generation aes-586.pl featuring AES_[en|de]crypt, accessing exclusively
Andy Polyakov [Mon, 31 Jul 2006 20:03:56 +0000 (20:03 +0000)]
Next generation aes-586.pl featuring AES_[en|de]crypt, accessing exclusively
256 byte S-box. AES_cbc_encrypt needs further work as it should also use
slow routines when processing smaller amounts of data.

14 years ago: Camellia IPR information
Bodo Möller [Mon, 31 Jul 2006 11:50:01 +0000 (11:50 +0000)]
Camellia IPR information

14 years ago: Support for multiple CRLs with same issuer name in X509_STORE. Modify
Dr. Stephen Henson [Tue, 25 Jul 2006 17:39:38 +0000 (17:39 +0000)]
Support for multiple CRLs with same issuer name in X509_STORE. Modify
verify logic to try to use an unexpired CRL if possible.

14 years ago: Cache some CRL related extensions.
Dr. Stephen Henson [Mon, 24 Jul 2006 12:39:22 +0000 (12:39 +0000)]
Cache some CRL related extensions.

14 years ago: Avoid warning.
Dr. Stephen Henson [Fri, 21 Jul 2006 22:46:19 +0000 (22:46 +0000)]
Avoid warning.

14 years ago: Avoid WIN32 warning.
Dr. Stephen Henson [Fri, 21 Jul 2006 22:28:48 +0000 (22:28 +0000)]
Avoid WIN32 warning.

14 years ago: Avoid warnings.
Dr. Stephen Henson [Fri, 21 Jul 2006 22:26:31 +0000 (22:26 +0000)]
Avoid warnings.

14 years ago: Use correct pointer types for various functions.
Dr. Stephen Henson [Thu, 20 Jul 2006 16:56:47 +0000 (16:56 +0000)]
Use correct pointer types for various functions.

14 years ago: New Camellia implementation (replacing previous version)
Bodo Möller [Wed, 19 Jul 2006 13:38:26 +0000 (13:38 +0000)]
New Camellia implementation (replacing previous version)

Submitted by: NTT

14 years ago: Camellia information
Bodo Möller [Wed, 19 Jul 2006 13:36:40 +0000 (13:36 +0000)]
Camellia information

14 years ago: Store canonical encodings of Name structures. Update X509_NAME_cmp() to use
Dr. Stephen Henson [Tue, 18 Jul 2006 12:36:19 +0000 (12:36 +0000)]
Store canonical encodings of Name structures. Update X509_NAME_cmp() to use
them.

14 years ago: Reimplement outer rounds as "compact" in x86 assembler. This has rather
Andy Polyakov [Tue, 18 Jul 2006 10:05:38 +0000 (10:05 +0000)]
Reimplement outer rounds as "compact" in x86 assembler. This has rather
strong impact on decrypt performance, 20-25%. One probably should consider
switching between slower and faster routines depending on how much data
we were asked to process.

14 years ago: WIN32 fixes signed/unsigned issues and slightly socket semantics.
Dr. Stephen Henson [Mon, 17 Jul 2006 18:52:51 +0000 (18:52 +0000)]
WIN32 fixes signed/unsigned issues and slightly socket semantics.

14 years ago: Update .cvsignore again.
Dr. Stephen Henson [Mon, 17 Jul 2006 16:42:06 +0000 (16:42 +0000)]
Update .cvsignore again.

14 years ago: Update .cvsignore
Dr. Stephen Henson [Mon, 17 Jul 2006 16:40:20 +0000 (16:40 +0000)]
Update .cvsignore

14 years ago: Fix various error codes to match functions.
Dr. Stephen Henson [Mon, 17 Jul 2006 16:33:31 +0000 (16:33 +0000)]
Fix various error codes to match functions.

14 years ago: Add -timeout option to ocsp utility.
Dr. Stephen Henson [Mon, 17 Jul 2006 13:26:54 +0000 (13:26 +0000)]
Add -timeout option to ocsp utility.

14 years ago: New non-blocking OCSP functionality.
Dr. Stephen Henson [Mon, 17 Jul 2006 12:18:28 +0000 (12:18 +0000)]
New non-blocking OCSP functionality.

14 years ago: Add option for "compact" rounds to aes_x86core.c. "Compact" rounds are
Andy Polyakov [Fri, 14 Jul 2006 09:57:55 +0000 (09:57 +0000)]
Add option for "compact" rounds to aes_x86core.c. "Compact" rounds are
those referencing compact, 256-byte, S-boxes.

14 years ago: There should be no need to rewind the input stream any more.
Dr. Stephen Henson [Thu, 13 Jul 2006 20:29:55 +0000 (20:29 +0000)]
There should be no need to rewind the input stream any more.

For S/MIME multipart/signed type the signature is calculated on the fly.

For other detached data forms the stream isn't used after the single pass to
calculate signatures.

For non-detached the data is stored in a memory BIO.

14 years ago: In genpkey, also look for algorithm string name in any supplied ENGINE.
Dr. Stephen Henson [Wed, 12 Jul 2006 18:00:20 +0000 (18:00 +0000)]
In genpkey, also look for algorithm string name in any supplied ENGINE.

14 years ago: Bugfix: don't look in internal table for signature if found in application
Dr. Stephen Henson [Wed, 12 Jul 2006 16:30:40 +0000 (16:30 +0000)]
Bugfix: don't look in internal table for signature if found in application
supplied list.

14 years ago: Typo.
Dr. Stephen Henson [Wed, 12 Jul 2006 13:28:44 +0000 (13:28 +0000)]
Typo.

14 years ago: New docs for EVP_Digest{Sign,Verify}*() function. Update existing docs.
Dr. Stephen Henson [Wed, 12 Jul 2006 12:31:30 +0000 (12:31 +0000)]
New docs for EVP_Digest{Sign,Verify}*() function. Update existing docs.

14 years ago: Add docs for pkeyparam. Update some existing docs.
Dr. Stephen Henson [Mon, 10 Jul 2006 23:10:26 +0000 (23:10 +0000)]
Add docs for pkeyparam. Update some existing docs.

14 years ago: Update some usage messages.
Dr. Stephen Henson [Mon, 10 Jul 2006 22:49:08 +0000 (22:49 +0000)]
Update some usage messages.

14 years ago: make update
Dr. Stephen Henson [Mon, 10 Jul 2006 18:40:42 +0000 (18:40 +0000)]
make update

14 years ago: Allow digests to supply S/MIME micalg values from a ctrl.
Dr. Stephen Henson [Mon, 10 Jul 2006 18:36:55 +0000 (18:36 +0000)]
Allow digests to supply S/MIME micalg values from a ctrl.

Send ctrls to EVP_PKEY_METHOD during signing of PKCS7 structure so
customisation is possible.

14 years ago: New functions to add and free up application defined signature OIDs.
Dr. Stephen Henson [Sun, 9 Jul 2006 16:05:43 +0000 (16:05 +0000)]
New functions to add and free up application defined signature OIDs.

14 years ago: Set detached flag in PKCS7 structure earlier to avoid eating up memory.
Dr. Stephen Henson [Sun, 9 Jul 2006 12:02:08 +0000 (12:02 +0000)]
Set detached flag in PKCS7 structure earlier to avoid eating up memory.

PR: 1071

14 years ago: Public key comparison and printing routine functions.
Dr. Stephen Henson [Sun, 9 Jul 2006 11:26:13 +0000 (11:26 +0000)]
Public key comparison and printing routine functions.

14 years ago: EVP_PKEY_get_default_digest() manual page.
Dr. Stephen Henson [Sun, 9 Jul 2006 11:01:49 +0000 (11:01 +0000)]
EVP_PKEY_get_default_digest() manual page.

14 years ago: EVP_PKEY_CTX_ctrl() docs.
Dr. Stephen Henson [Sun, 9 Jul 2006 10:51:03 +0000 (10:51 +0000)]
EVP_PKEY_CTX_ctrl() docs.

14 years ago: Update docs.
Dr. Stephen Henson [Sun, 9 Jul 2006 01:59:30 +0000 (01:59 +0000)]
Update docs.

14 years ago: New functions to enumerate digests and ciphers.
Dr. Stephen Henson [Sun, 9 Jul 2006 00:53:45 +0000 (00:53 +0000)]
New functions to enumerate digests and ciphers.

14 years ago: Keygen docs.
Dr. Stephen Henson [Sat, 8 Jul 2006 21:42:49 +0000 (21:42 +0000)]
Keygen docs.

14 years ago: EVP_PKEY_derive() docs.
Dr. Stephen Henson [Sat, 8 Jul 2006 12:47:52 +0000 (12:47 +0000)]
EVP_PKEY_derive() docs.

14 years ago: Add some examples.
Dr. Stephen Henson [Sat, 8 Jul 2006 12:46:51 +0000 (12:46 +0000)]
Add some examples.

14 years ago: EVP_PKEY_verify() docs.
Dr. Stephen Henson [Sat, 8 Jul 2006 11:22:23 +0000 (11:22 +0000)]
EVP_PKEY_verify() docs.

14 years ago: New docs.
Dr. Stephen Henson [Sat, 8 Jul 2006 11:13:01 +0000 (11:13 +0000)]
New docs.

14 years ago: Update docs.
Dr. Stephen Henson [Sat, 8 Jul 2006 10:55:03 +0000 (10:55 +0000)]
Update docs.

14 years ago: Add some EVP_PKEY_METHOD docs.
Dr. Stephen Henson [Sat, 8 Jul 2006 10:45:08 +0000 (10:45 +0000)]
Add some EVP_PKEY_METHOD docs.

14 years ago: Update docs with algorithm options.
Dr. Stephen Henson [Sat, 8 Jul 2006 10:01:33 +0000 (10:01 +0000)]
Update docs with algorithm options.

14 years ago: Typo.
Dr. Stephen Henson [Sat, 8 Jul 2006 00:50:25 +0000 (00:50 +0000)]
Typo.

14 years ago: Initial docs for pkeyutl.
Dr. Stephen Henson [Sat, 8 Jul 2006 00:47:04 +0000 (00:47 +0000)]
Initial docs for pkeyutl.

14 years ago: Docs for new utilities.
Dr. Stephen Henson [Sat, 8 Jul 2006 00:24:47 +0000 (00:24 +0000)]
Docs for new utilities.

14 years ago: Add documentation for new smime options.
Dr. Stephen Henson [Fri, 7 Jul 2006 21:44:23 +0000 (21:44 +0000)]
Add documentation for new smime options.

14 years ago: Fix compiler warnings.
Andy Polyakov [Tue, 4 Jul 2006 20:29:50 +0000 (20:29 +0000)]
Fix compiler warnings.

14 years ago: Unsigned vs signed comparison warning.
Andy Polyakov [Tue, 4 Jul 2006 20:29:14 +0000 (20:29 +0000)]
Unsigned vs signed comparison warning.

14 years ago: Typos(?) in HEAD/crypto/evp/p_lib.c.
Andy Polyakov [Tue, 4 Jul 2006 20:27:44 +0000 (20:27 +0000)]
Typos(?) in HEAD/crypto/evp/p_lib.c.

14 years ago: dsa_pub_cmp() doesn't need to check parameters because that is done in
Dr. Stephen Henson [Sun, 2 Jul 2006 21:13:39 +0000 (21:13 +0000)]
dsa_pub_cmp() doesn't need to check parameters because that is done in
EVP_PKEY_cmp().

14 years ago: Make return value from EVP_PKEY_cmp() and EVP_PKEY_cmp_parameters() consistent.
Dr. Stephen Henson [Sun, 2 Jul 2006 21:12:40 +0000 (21:12 +0000)]
Make return value from EVP_PKEY_cmp() and EVP_PKEY_cmp_parameters() consistent.

14 years ago: Prepare playground for AES experimental code.
Andy Polyakov [Sun, 2 Jul 2006 09:18:00 +0000 (09:18 +0000)]
Prepare playground for AES experimental code.

14 years ago: documentation for "HIGH" vs. "MEDIUM" was not up-to-date
Bodo Möller [Fri, 30 Jun 2006 22:00:13 +0000 (22:00 +0000)]
documentation for "HIGH" vs. "MEDIUM" was not up-to-date

14 years ago: use <poll.h> as by Single Unix Specification
Bodo Möller [Fri, 30 Jun 2006 08:14:39 +0000 (08:14 +0000)]
use <poll.h> as by Single Unix Specification

14 years ago: always read in RAND_poll() if we can't use select because of a too
Bodo Möller [Wed, 28 Jun 2006 14:50:12 +0000 (14:50 +0000)]
always read in RAND_poll() if we can't use select because of a too
large FD: it's non-blocking mode anyway

14 years ago: Mitigate the hazard of cache-collision timing attack on last round. The
Andy Polyakov [Wed, 28 Jun 2006 08:52:16 +0000 (08:52 +0000)]
Mitigate the hazard of cache-collision timing attack on last round. The
only chance for T[ed]4 to get evicted in this module is when its cache
"overlaps" with last 128 bits of key schedule.

14 years ago: Mitigate the hazard of cache-collision timing attack on last round. Well,
Andy Polyakov [Wed, 28 Jun 2006 08:48:54 +0000 (08:48 +0000)]
Mitigate the hazard of cache-collision timing attack on last round. Well,
prefetch could have been moved closer to Td4 references. Something for
later consideration...

14 years ago: Mitigate cache-collision timing attack on last round.
Andy Polyakov [Wed, 28 Jun 2006 08:39:06 +0000 (08:39 +0000)]
Mitigate cache-collision timing attack on last round.

14 years ago: Fix EVP_PKEY_CTX_dup() to return correct value and handle NULL keys in
Dr. Stephen Henson [Tue, 27 Jun 2006 17:23:24 +0000 (17:23 +0000)]
Fix EVP_PKEY_CTX_dup() to return correct value and handle NULL keys in
the source.

14 years ago: Use poll() when possible to gather Unix randomness entropy
Richard Levitte [Tue, 27 Jun 2006 06:31:34 +0000 (06:31 +0000)]
Use poll() when possible to gather Unix randomness entropy

14 years ago: New functions CRYPTO_set_idptr_callback(),
Bodo Möller [Fri, 23 Jun 2006 15:21:36 +0000 (15:21 +0000)]
New functions CRYPTO_set_idptr_callback(),
CRYPTO_get_idptr_callback(), CRYPTO_thread_idptr() for a 'void *' type
thread ID, since the 'unsigned long' type of the existing thread ID
does not always work well.

14 years ago: Change in 0.9.8 branch:
Bodo Möller [Thu, 22 Jun 2006 12:37:28 +0000 (12:37 +0000)]
Change in 0.9.8 branch:
Put ECCdraft ciphersuites back into default build (but disabled
unless specifically requested)