openssl.git
Bodo Möller [Mon, 31 Jul 2006 11:50:01 +0000 (11:50 +0000)]
Camellia IPR information

Dr. Stephen Henson [Tue, 25 Jul 2006 17:39:38 +0000 (17:39 +0000)]
Support for multiple CRLs with same issuer name in X509_STORE. Modify
verify logic to try to use an unexpired CRL if possible.

Dr. Stephen Henson [Mon, 24 Jul 2006 12:39:22 +0000 (12:39 +0000)]
Cache some CRL related extensions.

Dr. Stephen Henson [Fri, 21 Jul 2006 22:46:19 +0000 (22:46 +0000)]
Avoid warning.

Dr. Stephen Henson [Fri, 21 Jul 2006 22:28:48 +0000 (22:28 +0000)]
Avoid WIN32 warning.

Dr. Stephen Henson [Fri, 21 Jul 2006 22:26:31 +0000 (22:26 +0000)]
Avoid warnings.

Dr. Stephen Henson [Thu, 20 Jul 2006 16:56:47 +0000 (16:56 +0000)]
Use correct pointer types for various functions.

Bodo Möller [Wed, 19 Jul 2006 13:38:26 +0000 (13:38 +0000)]
New Camellia implementation (replacing previous version)

Submitted by: NTT

Bodo Möller [Wed, 19 Jul 2006 13:36:40 +0000 (13:36 +0000)]
Camellia information

Dr. Stephen Henson [Tue, 18 Jul 2006 12:36:19 +0000 (12:36 +0000)]
Store canonical encodings of Name structures. Update X509_NAME_cmp() to use
them.

Andy Polyakov [Tue, 18 Jul 2006 10:05:38 +0000 (10:05 +0000)]
Reimplement outer rounds as "compact" in x86 assembler. This has rather
strong impact on decrypt performance, 20-25%. One probably should consider
switching between slower and faster routines depending on how much data
we were asked to process.

Dr. Stephen Henson [Mon, 17 Jul 2006 18:52:51 +0000 (18:52 +0000)]
WIN32 fixes signed/unsigned issues and slightly socket semantics.

Dr. Stephen Henson [Mon, 17 Jul 2006 16:42:06 +0000 (16:42 +0000)]
Update .cvsignore again.

Dr. Stephen Henson [Mon, 17 Jul 2006 16:40:20 +0000 (16:40 +0000)]
Update .cvsignore

Dr. Stephen Henson [Mon, 17 Jul 2006 16:33:31 +0000 (16:33 +0000)]
Fix various error codes to match functions.

Dr. Stephen Henson [Mon, 17 Jul 2006 13:26:54 +0000 (13:26 +0000)]
Add -timeout option to ocsp utility.

Dr. Stephen Henson [Mon, 17 Jul 2006 12:18:28 +0000 (12:18 +0000)]
New non-blocking OCSP functionality.

Andy Polyakov [Fri, 14 Jul 2006 09:57:55 +0000 (09:57 +0000)]
Add option for "compact" rounds to aes_x86core.c. "Compact" rounds are
those referencing compact, 256-byte, S-boxes.

Dr. Stephen Henson [Thu, 13 Jul 2006 20:29:55 +0000 (20:29 +0000)]
There should be no need to rewind the input stream any more.

For S/MIME multipart/signed type the signature is calculated on the fly.

For other detached data forms the stream isn't used after the single pass to
calculate signatures.

For non-detached the data is stored in a memory BIO.

Dr. Stephen Henson [Wed, 12 Jul 2006 18:00:20 +0000 (18:00 +0000)]
In genpkey, also look for algorithm string name in any supplied ENGINE.

Dr. Stephen Henson [Wed, 12 Jul 2006 16:30:40 +0000 (16:30 +0000)]
Bugfix: don't look in internal table for signature if found in application
supplied list.

Dr. Stephen Henson [Wed, 12 Jul 2006 13:28:44 +0000 (13:28 +0000)]
Typo.

Dr. Stephen Henson [Wed, 12 Jul 2006 12:31:30 +0000 (12:31 +0000)]
New docs for EVP_Digest{Sign,Verify}*() function. Update existing docs.

Dr. Stephen Henson [Mon, 10 Jul 2006 23:10:26 +0000 (23:10 +0000)]
Add docs for pkeyparam. Update some existing docs.

Dr. Stephen Henson [Mon, 10 Jul 2006 22:49:08 +0000 (22:49 +0000)]
Update some usage messages.

Dr. Stephen Henson [Mon, 10 Jul 2006 18:40:42 +0000 (18:40 +0000)]
make update

Dr. Stephen Henson [Mon, 10 Jul 2006 18:36:55 +0000 (18:36 +0000)]
Allow digests to supply S/MIME micalg values from a ctrl.

Send ctrls to EVP_PKEY_METHOD during signing of PKCS7 structure so
customisation is possible.

Dr. Stephen Henson [Sun, 9 Jul 2006 16:05:43 +0000 (16:05 +0000)]
New functions to add and free up application defined signature OIDs.

Dr. Stephen Henson [Sun, 9 Jul 2006 12:02:08 +0000 (12:02 +0000)]
Set detached flag in PKCS7 structure earlier to avoid eating up memory.

PR: 1071

Dr. Stephen Henson [Sun, 9 Jul 2006 11:26:13 +0000 (11:26 +0000)]
Public key comparison and printing routine functions.

Dr. Stephen Henson [Sun, 9 Jul 2006 11:01:49 +0000 (11:01 +0000)]
EVP_PKEY_get_default_digest() manual page.

Dr. Stephen Henson [Sun, 9 Jul 2006 10:51:03 +0000 (10:51 +0000)]
EVP_PKEY_CTX_ctrl() docs.

Dr. Stephen Henson [Sun, 9 Jul 2006 01:59:30 +0000 (01:59 +0000)]
Update docs.

Dr. Stephen Henson [Sun, 9 Jul 2006 00:53:45 +0000 (00:53 +0000)]
New functions to enumerate digests and ciphers.

Dr. Stephen Henson [Sat, 8 Jul 2006 21:42:49 +0000 (21:42 +0000)]
Keygen docs.

Dr. Stephen Henson [Sat, 8 Jul 2006 12:47:52 +0000 (12:47 +0000)]
EVP_PKEY_derive() docs.

Dr. Stephen Henson [Sat, 8 Jul 2006 12:46:51 +0000 (12:46 +0000)]
Add some examples.

Dr. Stephen Henson [Sat, 8 Jul 2006 11:22:23 +0000 (11:22 +0000)]
EVP_PKEY_verify() docs.

Dr. Stephen Henson [Sat, 8 Jul 2006 11:13:01 +0000 (11:13 +0000)]
New docs.

Dr. Stephen Henson [Sat, 8 Jul 2006 10:55:03 +0000 (10:55 +0000)]
Update docs.

Dr. Stephen Henson [Sat, 8 Jul 2006 10:45:08 +0000 (10:45 +0000)]
Add some EVP_PKEY_METHOD docs.

Dr. Stephen Henson [Sat, 8 Jul 2006 10:01:33 +0000 (10:01 +0000)]
Update docs with algorithm options.

Dr. Stephen Henson [Sat, 8 Jul 2006 00:50:25 +0000 (00:50 +0000)]
Typo.

Dr. Stephen Henson [Sat, 8 Jul 2006 00:47:04 +0000 (00:47 +0000)]
Initial docs for pkeyutl.

Dr. Stephen Henson [Sat, 8 Jul 2006 00:24:47 +0000 (00:24 +0000)]
Docs for new utilities.

Dr. Stephen Henson [Fri, 7 Jul 2006 21:44:23 +0000 (21:44 +0000)]
Add documentation for new smime options.

Andy Polyakov [Tue, 4 Jul 2006 20:29:50 +0000 (20:29 +0000)]
Fix compiler warnings.

Andy Polyakov [Tue, 4 Jul 2006 20:29:14 +0000 (20:29 +0000)]
Unsigned vs signed comparison warning.

Andy Polyakov [Tue, 4 Jul 2006 20:27:44 +0000 (20:27 +0000)]
Typos(?) in HEAD/crypto/evp/p_lib.c.

Dr. Stephen Henson [Sun, 2 Jul 2006 21:13:39 +0000 (21:13 +0000)]
dsa_pub_cmp() doesn't need to check parameters because that is done in
EVP_PKEY_cmp().

Dr. Stephen Henson [Sun, 2 Jul 2006 21:12:40 +0000 (21:12 +0000)]
Make return value from EVP_PKEY_cmp() and EVP_PKEY_cmp_parameters() consistent.

Andy Polyakov [Sun, 2 Jul 2006 09:18:00 +0000 (09:18 +0000)]
Prepare playground for AES experimental code.

Bodo Möller [Fri, 30 Jun 2006 22:00:13 +0000 (22:00 +0000)]
documentation for "HIGH" vs. "MEDIUM" was not up-to-date

Bodo Möller [Fri, 30 Jun 2006 08:14:39 +0000 (08:14 +0000)]
use <poll.h> as by Single Unix Specification

Bodo Möller [Wed, 28 Jun 2006 14:50:12 +0000 (14:50 +0000)]
always read in RAND_poll() if we can't use select because of a too
large FD: it's non-blocking mode anyway

Andy Polyakov [Wed, 28 Jun 2006 08:52:16 +0000 (08:52 +0000)]
Mitigate the hazard of cache-collision timing attack on last round. The
only chance for T[ed]4 to get evicted in this module is when its cache
"overlaps" with last 128 bits of key schedule.

Andy Polyakov [Wed, 28 Jun 2006 08:48:54 +0000 (08:48 +0000)]
Mitigate the hazard of cache-collision timing attack on last round. Well,
prefetch could have been moved closer to Td4 references. Something for
later consideration...

Andy Polyakov [Wed, 28 Jun 2006 08:39:06 +0000 (08:39 +0000)]
Mitigate cache-collision timing attack on last round.

Dr. Stephen Henson [Tue, 27 Jun 2006 17:23:24 +0000 (17:23 +0000)]
Fix EVP_PKEY_CTX_dup() to return correct value and handle NULL keys in
the source.

Richard Levitte [Tue, 27 Jun 2006 06:31:34 +0000 (06:31 +0000)]
Use poll() when possible to gather Unix randomness entropy

Bodo Möller [Fri, 23 Jun 2006 15:21:36 +0000 (15:21 +0000)]
New functions CRYPTO_set_idptr_callback(),
CRYPTO_get_idptr_callback(), CRYPTO_thread_idptr() for a 'void *' type
thread ID, since the 'unsigned long' type of the existing thread ID
does not always work well.

Bodo Möller [Thu, 22 Jun 2006 12:37:28 +0000 (12:37 +0000)]
Change in 0.9.8 branch:
Put ECCdraft ciphersuites back into default build (but disabled
unless specifically requested)

Bodo Möller [Tue, 20 Jun 2006 08:50:42 +0000 (08:50 +0000)]
Remove ECC ciphersuites from 0.9.8 branch (should use 0.9.9 branch)

Bodo Möller [Sun, 18 Jun 2006 22:00:57 +0000 (22:00 +0000)]
Change array representation of binary polynomials to make GF2m part of
the BN library more generally useful.

Submitted by: Douglas Stebila

Bodo Möller [Fri, 16 Jun 2006 01:00:47 +0000 (01:00 +0000)]
another thread-safety fix

Bodo Möller [Thu, 15 Jun 2006 19:58:22 +0000 (19:58 +0000)]
Error messages for client ECC cert verification.

Also, change the default ciphersuite to give some preference to
ciphersuites with forward secrecy (rather than using a random order).

Bodo Möller [Thu, 15 Jun 2006 19:00:34 +0000 (19:00 +0000)]
Call 'print_stuff' even if a handshake failed.

Bodo Möller [Thu, 15 Jun 2006 18:28:00 +0000 (18:28 +0000)]
Fix algorithm handling for ECC ciphersuites: Adapt to recent changes,
and allow more general RSA OIDs for ECC certs with RSA CA sig.

Bodo Möller [Thu, 15 Jun 2006 17:17:06 +0000 (17:17 +0000)]
Fix another new bug in the cipherstring logic.

Bodo Möller [Thu, 15 Jun 2006 16:54:20 +0000 (16:54 +0000)]
Fix another bug introduced yesterday when deleting Fortezza stuff:
make sure 'mask' is initialized in ssl_cipher_get_disabled().

Also simplify code by removing some unused arguments in static functions.

Bodo Möller [Thu, 15 Jun 2006 16:07:10 +0000 (16:07 +0000)]
Oops ... deleted too much in the previous commit when I deleted
the Fortezza stuff

Bodo Möller [Wed, 14 Jun 2006 17:51:46 +0000 (17:51 +0000)]
Disable invalid ciphersuites

Bodo Möller [Wed, 14 Jun 2006 17:40:31 +0000 (17:40 +0000)]
Ciphersuite string bugfixes, and ECC-related (re-)definitions.

Bodo Möller [Wed, 14 Jun 2006 13:58:48 +0000 (13:58 +0000)]
Make sure that AES ciphersuites get priority over Camellia
ciphersuites in the default cipher string.

Bodo Möller [Wed, 14 Jun 2006 08:55:23 +0000 (08:55 +0000)]
Thread-safety fixes

Bodo Möller [Wed, 14 Jun 2006 01:16:22 +0000 (01:16 +0000)]
Fix a bug recently introduced when updating this file to use the new
keygen API: make sure that 'pkey_type' is actually visible to MAIN().

Richard Levitte [Mon, 12 Jun 2006 06:46:18 +0000 (06:46 +0000)]
Keep synchronised with Unix

Bodo Möller [Sun, 11 Jun 2006 01:09:07 +0000 (01:09 +0000)]
Camellia cipher, contributed by NTT

Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller

Richard Levitte [Sat, 10 Jun 2006 05:38:23 +0000 (05:38 +0000)]
Keep synchronised with the Unix build

Bodo Möller [Fri, 9 Jun 2006 22:29:40 +0000 (22:29 +0000)]
Camellia cipher, contributed by NTT

Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller

Bodo Möller [Fri, 9 Jun 2006 15:44:59 +0000 (15:44 +0000)]
Camellia cipher, contributed by NTT

Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller

Dr. Stephen Henson [Tue, 6 Jun 2006 13:27:36 +0000 (13:27 +0000)]
Output MIME parameter micalg according to RFC3851 and RFC4490 instead of hard
coding it to "sha1".

Dr. Stephen Henson [Tue, 6 Jun 2006 12:35:05 +0000 (12:35 +0000)]
Add AES and GOST S/MIME capabilities if algorithms are supported.

Andy Polyakov [Mon, 5 Jun 2006 16:04:09 +0000 (16:04 +0000)]
Fix obvious typo.

Dr. Stephen Henson [Mon, 5 Jun 2006 12:38:22 +0000 (12:38 +0000)]
Clarify comment and add #ifdef.

Dr. Stephen Henson [Mon, 5 Jun 2006 11:52:46 +0000 (11:52 +0000)]
Complete EVP_PKEY_ASN1_METHOD ENGINE support.

Andy Polyakov [Mon, 5 Jun 2006 10:43:41 +0000 (10:43 +0000)]
Sync aes.h with http://cvs.openssl.org/chngview?cn=15336.

Andy Polyakov [Mon, 5 Jun 2006 10:40:54 +0000 (10:40 +0000)]
Reimplement AES_ofb128_encrypt.

Andy Polyakov [Mon, 5 Jun 2006 10:40:28 +0000 (10:40 +0000)]
Correct logical error in STRICT_ALIGNMENT check and remove copy of
eay licence, as module is practically rewritten from scratch [well,
even original submission was obviously "almost, but not quite,
entirely unlike" any other eay *_cfb.c module, not to mention new
functions].

Andy Polyakov [Mon, 5 Jun 2006 09:42:31 +0000 (09:42 +0000)]
Minor ppc-xlate.pl update.

Andy Polyakov [Mon, 5 Jun 2006 09:37:55 +0000 (09:37 +0000)]
Add sha512-ppc.pl module.

Andy Polyakov [Mon, 5 Jun 2006 09:35:50 +0000 (09:35 +0000)]
Minor sha1-ppc.pl update.

Richard Levitte [Sun, 4 Jun 2006 08:22:25 +0000 (08:22 +0000)]
A few more ENGINE strings that need shortening.

Richard Levitte [Sat, 3 Jun 2006 02:17:49 +0000 (02:17 +0000)]
Synchronise with Unix

Dr. Stephen Henson [Fri, 2 Jun 2006 17:54:47 +0000 (17:54 +0000)]
Make update.

Dr. Stephen Henson [Fri, 2 Jun 2006 17:52:27 +0000 (17:52 +0000)]
Initial public key ASN1 method engine support. Not integrated yet.

Dr. Stephen Henson [Fri, 2 Jun 2006 17:09:17 +0000 (17:09 +0000)]
Automatically free up dynamically allocated public key methods when
an ENGINE is destroyed.

Dr. Stephen Henson [Fri, 2 Jun 2006 13:09:59 +0000 (13:09 +0000)]
Extend default method string to include public key methods.

Add missing prototypes.

Fix engine method lookup.

Dr. Stephen Henson [Fri, 2 Jun 2006 12:37:02 +0000 (12:37 +0000)]
Typo.

Dr. Stephen Henson [Fri, 2 Jun 2006 12:33:39 +0000 (12:33 +0000)]
Add ENGINE support for EVP_PKEY_METHOD including lookups of ENGINE
implementations and functional reference counting when a context
is allocated, freed or copied.