generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
7,838 Commits 16 Branches 258 Tags
Commit Graph

4093 Commits

Author SHA1 Message Date
Dr. Stephen Henson
ffa5ebf3f4 Compile in gost engine. 2006-09-21 13:07:57 +00:00
Dr. Stephen Henson
1182301ca7 Do CRL method init after other operations. 2006-09-21 12:48:56 +00:00
Dr. Stephen Henson
010fa0b331 Tidy up CRL handling by checking for critical extensions when it is 
loaded. Add new function X509_CRL_get0_by_serial() to lookup a revoked
entry to avoid the need to access the structure directly.

Add new X509_CRL_METHOD to allow common CRL operations (verify, lookup) to be
redirected.
 2006-09-21 12:42:15 +00:00
Andy Polyakov
4b67fefe5a Remove x86ms.pl and reimplement x86*.pl. 2006-09-18 19:17:09 +00:00
Andy Polyakov
3a8012cbf2 Improve 386 portability of aes-586.pl. 2006-09-18 19:13:15 +00:00
Bodo Möller
a53cdc5b08 Ensure that the addition mods[i]+delta cannot overflow in probable_prime(). 
[Problem pointed out by Adam Young <adamy (at) acm.org>]
 2006-09-18 14:00:49 +00:00
Dr. Stephen Henson
5d20c4fb35 Overhaul of by_dir code to handle dynamic loading of CRLs. 2006-09-17 17:16:28 +00:00
Dr. Stephen Henson
bc7535bc7f Support for AKID in CRLs and partial support for IDP. Overhaul of CRL 
handling to support this.
 2006-09-14 17:25:02 +00:00
Dr. Stephen Henson
016bc5ceb3 Fixes for new CRL/cert callbacks. Update CRL processing code to use new 
callbacks.
 2006-09-11 13:00:52 +00:00
Dr. Stephen Henson
4d50a2b4d6 Add verify callback functions to lookup a STACK of matching certs or CRLs 
based on subject name.

New thread safe functions to retrieve matching STACK from X509_STORE.

Cache some IDP components.
 2006-09-10 12:38:37 +00:00
Bodo Möller
7f4301668f Make sure the int_rsa_verify() prototype matches the implementation 
(m_len currently is 'unsigned int', not 'size_t')

Submitted by: Gisle Vanem
 2006-09-08 06:00:40 +00:00
Bodo Möller
2952886010 Remove non-functional part of recent patch, after discussion with 
Colin Percival (this would have caused more problems than solved,
and isn't really necessary anyway)
 2006-09-06 06:43:11 +00:00
Mark J. Cox
b79aa05e3b Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher 
(CVE-2006-4339)

Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
 2006-09-05 08:58:03 +00:00
Andy Polyakov
500b5a181d Rewrite sha1-586.pl. 2006-08-31 21:27:30 +00:00
Andy Polyakov
2b8a5406f9 Fix bug in aes-586.pl. 2006-08-31 21:15:38 +00:00
Andy Polyakov
2f35ae90fe Fix bug in x86unix.pl introduced in latest update. 
PR: 1380
 2006-08-31 21:12:17 +00:00
Dr. Stephen Henson
02c9b66a6c Fix C++ style comments, change assert to OPENSSL_assert, stop warning with 
pedantic mode.
 2006-08-31 20:56:20 +00:00
Dr. Stephen Henson
539d4c1030 Fix leak 2006-08-31 20:10:37 +00:00
Ben Laurie
aa6d1a0c19 Forward port of IGE mode. 2006-08-31 14:04:04 +00:00
Ben Laurie
777c47acbe Make things static that should be. Declare stuff in headers that should be. 
Fix warnings.
 2006-08-28 17:01:04 +00:00
Ulf Möller
1c23bc5670 Use gmtime on cygwin 
Submitted by: Corinna Vinschen
 2006-08-13 09:03:38 +00:00
Andy Polyakov
8ea975d070 +20% tune-up for Power5. 2006-08-09 15:40:30 +00:00
Andy Polyakov
6c69aa532e Revised AES_cbc_encrypt in x86 assembler module. 2006-08-07 09:05:52 +00:00
Andy Polyakov
fc92414273 Agressively prefetch S-box in SSE codepatch, relax alignment requirement, 
check for SSE bit instead of MMX, as pshufw was introduces in PIII, minor
optimization, typos...
 2006-08-02 22:38:16 +00:00
Andy Polyakov
53154d71c3 Switch to compact S-box when generating AES key schedule. 2006-08-02 07:46:56 +00:00
Andy Polyakov
8cebec9802 Switch to compact S-box when generating AES key schedule. 2006-08-01 22:10:39 +00:00
Andy Polyakov
c8a0d0aaf9 Engage assembler in solaris64-x86_64-cc. 2006-07-31 22:28:40 +00:00
Andy Polyakov
0cc46efa09 perlasm/x86unix.pl update. 2006-07-31 22:26:40 +00:00
Andy Polyakov
22c268e6c9 Next generation aes-586.pl featuring AES_[en|de]crypt, accessing exclusively 
256 byte S-box. AES_cbc_encrypt needs further work as it should also use
slow routines when processing smaller amount of data.
 2006-07-31 20:03:56 +00:00
Dr. Stephen Henson
f6e7d01450 Support for multiple CRLs with same issuer name in X509_STORE. Modify 
verify logic to try to use an unexpired CRL if possible.
 2006-07-25 17:39:38 +00:00
Dr. Stephen Henson
edc540211c Cache some CRL related extensions. 2006-07-24 12:39:22 +00:00
Dr. Stephen Henson
2eed3a3cc8 Avoid warning. 2006-07-21 22:46:19 +00:00
Dr. Stephen Henson
786aa98da1 Use correct pointer types for various functions. 2006-07-20 16:56:47 +00:00
Bodo Möller
413e0853d7 New Camellia implementation (replacing previous version) 
Submitted by: NTT
 2006-07-19 13:38:26 +00:00
Dr. Stephen Henson
450ea83495 Store canonical encodings of Name structures. Update X509_NAME_cmp() to use 
them.
 2006-07-18 12:36:19 +00:00
Andy Polyakov
af8c1d81a3 Reimplement outer rounds as "compact" in x86 assembler. This has rather 
strong impact on decrypt performance, 20-25%. One probably should consider
switching between slower and faster routines depending on how much data
we were asked to process.
 2006-07-18 10:05:38 +00:00
Dr. Stephen Henson
b589427941 WIN32 fixes signed/unsigned issues and slightly socket semantics. 2006-07-17 18:52:51 +00:00
Dr. Stephen Henson
f0fa285f75 Update .cvsignore again. 2006-07-17 16:42:06 +00:00
Dr. Stephen Henson
a0b5b07010 Update .cvsignore 2006-07-17 16:40:20 +00:00
Dr. Stephen Henson
5c95c2ac23 Fix various error codes to match functions. 2006-07-17 16:33:31 +00:00
Dr. Stephen Henson
c1c6c0bf45 New non-blocking OCSP functionality. 2006-07-17 12:18:28 +00:00
Andy Polyakov
dff2922aa7 Add option for "compact" rounds to aes_x86core.c. "Compact" rounds are 
those referencing compact, 256-byte, S-boxes.
 2006-07-14 09:57:55 +00:00
Dr. Stephen Henson
31780d0e26 Bugfix: don't look in internal table for signature if found in application 
supplied list.
 2006-07-12 16:30:40 +00:00
Dr. Stephen Henson
29cf84c692 New docs for EVP_Digest{Sign,Verify}*() function. Update existing docs. 2006-07-12 12:31:30 +00:00
Dr. Stephen Henson
b7683e3a5d Allow digests to supply S/MIME micalg values from a ctrl. 
Send ctrls to EVP_PKEY_METHOD during signing of PKCS7 structure so
customisation is possible.
 2006-07-10 18:36:55 +00:00
Dr. Stephen Henson
0ee2166cc5 New functions to add and free up application defined signature OIDs. 2006-07-09 16:05:43 +00:00
Dr. Stephen Henson
067707e367 Set detached flag in PKCS7 structure earlier to avoid eating up memory. 
PR: 1071
 2006-07-09 12:02:08 +00:00
Dr. Stephen Henson
5ba4bf35c5 New functions to enumerate digests and ciphers. 2006-07-09 00:53:45 +00:00
Andy Polyakov
86bdc0a3ee Fix compiler warnings. 2006-07-04 20:29:50 +00:00
Andy Polyakov
1a4e245f3e Unsigned vs signed comparison warning. 2006-07-04 20:29:14 +00:00