generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
7,231 Commits 16 Branches 258 Tags
Commit Graph

3545 Commits

Author SHA1 Message Date
Richard Levitte
95475b1c7a As in 0.9.8-dev, make sure we use unsigned constants, or some 
compilers may complain.
 2004-03-15 23:06:59 +00:00
Richard Levitte
ec37635c94 It was just pointed out to me that it's better to cast to double... 2004-03-15 23:02:55 +00:00
Richard Levitte
fd836aeee0 Make sure that the last argument to RAND_add() is a float, or some 
compilers may complain.
 2004-03-15 22:37:08 +00:00
Richard Levitte
560f7abb7e Make sure we use unsigned constants, or come compilers may complain. 2004-03-15 22:33:19 +00:00
Geoff Thorpe
b6358c89a1 Convert openssl code not to assume the deprecated form of BN_zero(). 
Remove certain redundant BN_zero() initialisations, because BN_CTX_get(),
BN_init(), [etc] already initialise to zero.

Correct error checking in bn_sqr.c, and be less wishy-wash about how/why
the result's 'top' value is set (note also, 'max' is always > 0 at this
point).
 2004-03-13 23:57:20 +00:00
Geoff Thorpe
5d735465d1 The efforts to eliminate the dual-representation of zero and to ensure 
bignums are passed in and out of functions and APIs in a consistent form
has highlighted that zero-valued bignums don't need any allocated word
data. The use of BN_set_word() to initialise a bignum to zero causes
needless allocation and gives it a return value that must be checked. This
change converts BN_zero() to a self-contained macro that has no
return/expression value and does not cause any expansion of bignum data.

Note, it would be tempting to rewrite the deprecated version as a
success-valued comma expression, such as;
   #define BN_zero(a) ((a)->top = (a)->neg = 0, 1)
However, this evaluates 'a' twice and would confuse initialisation loops
(eg. while(..) { BN_zero(bn++) } ). As such, the deprecated version
continues to use BN_set_word().
 2004-03-13 23:04:15 +00:00
Geoff Thorpe
9e051bac13 Document a change I'd already made, and at the same time, correct the 
change to work properly; BN_zero() should set 'neg' to zero as well as
'top' to match the behaviour of BN_new().
 2004-03-13 22:10:15 +00:00
Geoff Thorpe
93825dddad static 2004-03-10 01:20:26 +00:00
Geoff Thorpe
a8aa764d3c Minimise the amount of code dependent on BN_DEBUG_RAND. In particular, 
redefine bn_clear_top2max() to be a NOP in the non-debugging case, and
remove some unnecessary usages in bn_nist.c.

Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe, Ulf Möller
 2004-03-09 03:53:40 +00:00
Geoff Thorpe
e7716b7a19 More changes coming out of the bignum auditing. BN_CTX_get() should ideally 
return a "zero" bignum as BN_new() does - so reset 'top'. During
BN_CTX_end(), released bignums should be consistent so enforce this in
debug builds. Also, reduce the number of wasted BN_clear_free() calls from
BN_CTX_end() (typically by 75% or so).

Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe, Ulf Möller
 2004-03-09 03:47:35 +00:00
Dr. Stephen Henson
a4e3150f00 Fix policy constraints syntax. 2004-03-08 18:15:32 +00:00
Dr. Stephen Henson
edec614efd Support for inhibitAnyPolicy extension. 2004-03-08 13:56:31 +00:00
Dr. Stephen Henson
5fa5eb71a4 Cleanup ASN1 OID module when it exits. 2004-03-05 23:47:56 +00:00
Dr. Stephen Henson
931a031916 Cleanup ASN1 OID module when it exits. 2004-03-05 23:47:39 +00:00
Dr. Stephen Henson
216ad9ef58 Memory leak fix. 2004-03-05 23:39:42 +00:00
Dr. Stephen Henson
ef3565aed2 Memory leak fix. 2004-03-05 23:39:12 +00:00
Dr. Stephen Henson
bc50157010 Various X509 fixes. Disable broken certificate workarounds 
when X509_V_FLAG_X509_STRICT is set. Check for CRLSign in
CRL issuer certificates. Reject CRLs with unhandled (any)
critical extensions.
 2004-03-05 17:16:35 +00:00
Dr. Stephen Henson
01fc051e8a Various X509 fixes. Disable broken certificate workarounds 
when X509_V_FLAG_X509_STRICT is set. Check for CRLSign in
CRL issuer certificates. Reject CRLs with unhandled (any)
critical extensions.
 2004-03-05 17:16:06 +00:00
Dr. Stephen Henson
91180d45f9 Typos. 
Reported by: Jose Castejon-Amenedo <Jose.Castejon-Amenedo@hp.com>
 2004-03-04 21:44:39 +00:00
Dr. Stephen Henson
0902c559fb Typos. 
Reported by: Jose Castejon-Amenedo <Jose.Castejon-Amenedo@hp.com>
 2004-03-04 21:41:59 +00:00
Richard Levitte
4d6b383680 Avoid a memory leak in OCSP_parse_url(). 
Notified by Paul Siegel <psiegel@corestreet.com>
 2004-03-01 14:58:25 +00:00
Richard Levitte
4cfa4ae820 Avoid a memory leak in OCSP_parse_url(). 
Notified by Paul Siegel <psiegel@corestreet.com>
 2004-03-01 14:58:22 +00:00
Richard Levitte
ee121033dc Make sure the given EVP_PKEY is updated in the PEM_STRING_PKCS8INF case also. 
PR: 833
 2004-02-26 22:07:47 +00:00
Richard Levitte
f727266ae8 Make sure the given EVP_PKEY is updated in the PEM_STRING_PKCS8INF case also. 
PR: 833
 2004-02-26 22:07:45 +00:00
Geoff Thorpe
c6700d2746 A cleanup of the ecs_ossl.c code and some (doxygen) comments for ecdsa.h 
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
 2004-02-22 19:32:53 +00:00
Geoff Thorpe
1b06804491 When adding positive elements, we can use BN_uadd() instead of BN_add(). 
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
 2004-02-22 19:30:41 +00:00
Dr. Stephen Henson
33ad6eca7a Use an OCTET STRING for the encoding of an OCSP nonce value. 
The old raw format can't be handled by some implementations
and updates to RFC2560 will make the OCTET STRING mandatory.
 2004-02-19 18:17:35 +00:00
Dr. Stephen Henson
dc90f64d56 Use an OCTET STRING for the encoding of an OCSP nonce value. 
The old raw format can't be handled by some implementations
and updates to RFC2560 will make this mandatory.
 2004-02-19 18:16:38 +00:00
Geoff Thorpe
6c43032121 minor signed/unsigned warning fixes 2004-02-10 18:46:10 +00:00
Andy Polyakov
1751034669 Typo in crypto/bn/asm/x86_64.c, bn_div_words(). 
PR: 821
 2004-02-07 09:51:28 +00:00
Andy Polyakov
ad55502092 Typo in crypto/bn/asm/x86_64.c, bn_div_words(). 
PR: 821
 2004-02-07 09:46:47 +00:00
Dr. Stephen Henson
d4575825f1 Add flag to avoid continuous 
memory allocate when calling EVP_MD_CTX_copy_ex().

Without this HMAC is several times slower than
< 0.9.7.
 2004-02-01 13:39:51 +00:00
Dr. Stephen Henson
31edde3edc Add flag to avoid continuous 
memory allocate when calling EVP_MD_CTX_copy_ex().

Without this HMAC is several times slower than
< 0.9.7.
 2004-02-01 13:37:56 +00:00
Andy Polyakov
d04b1b4656 Typo in PA-RISC 2 rules in crypto/bn/Makefile.ssl 2004-01-30 05:41:23 +00:00
Andy Polyakov
1247092776 HP/UX PA-RISC 2 targets update. 2004-01-29 22:16:08 +00:00
Richard Levitte
381a693c39 make update 2004-01-29 10:23:54 +00:00
Richard Levitte
86cb571e28 Have the declarations match the definitions. 2004-01-29 09:41:01 +00:00
Richard Levitte
319a2c5f65 Typo 2004-01-29 02:55:47 +00:00
Richard Levitte
61a88c31c0 Typo 2004-01-29 02:55:43 +00:00
Richard Levitte
9d0e895120 Make n unsigned, to avoid signed vs. unsigned conflicts. 2004-01-29 00:05:54 +00:00
Richard Levitte
5922128732 0.9.7-stable is in freeze. That means we do bug fixes only, not new 
functionality.  Therefore, I'm backing out most of the "CFB DES
sync-up with FIPS branch" commit (I'm keeping the corrections of
DES_cfb_encrypt()).
 2004-01-28 23:31:20 +00:00
Richard Levitte
e5886a2388 make update 2004-01-28 19:07:41 +00:00
Richard Levitte
8d1ebe0bd1 Add the missing parts for DES CFB1 and CFB8. 
Add the corresponding AES parts while I'm at it.
make update
 2004-01-28 19:05:35 +00:00
Richard Levitte
1fb724449d make update 2004-01-28 18:38:33 +00:00
Richard Levitte
cb37947a71 Unsigned vs. signed problem removed 2004-01-28 08:48:15 +00:00
Richard Levitte
721a5e83f9 Unsigned vs. signed problem removed 2004-01-28 08:48:11 +00:00
Andy Polyakov
6df617a59d #undef _POSIX_C_SOURCE in ui_openssl.c ruined IRIX builds. Comment on why 
_POSIX_C_SOURCE needed in first place.
 2004-01-27 22:06:48 +00:00
Andy Polyakov
8c6336b0aa CFB DES sync-up with FIPS branch. 2004-01-27 21:47:35 +00:00
Andy Polyakov
4668056fc9 CFB DES sync-up with FIPS branch. 2004-01-27 21:46:19 +00:00
Richard Levitte
87203dc99a Avoid signed vs. unsigned warnings (which are treated like errors on 
Windows).
 2004-01-27 01:16:38 +00:00