generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
12,315 Commits 16 Branches 258 Tags 86 MiB
be0477a8e9
Commit Graph

6296 Commits

Author SHA1 Message Date
Ben Laurie
46838817c7 Constify and reduce coprime random bits to allow for multiplier. 2014-06-01 15:31:27 +01:00
Felix Laurie von Massenbach
8927c2786d Add a test to check we're really generating probable primes. 2014-06-01 15:31:27 +01:00
Felix Laurie von Massenbach
9a3a99748b Remove unused BIGNUMs. 2014-06-01 15:31:27 +01:00
Felix Laurie von Massenbach
c74e148776 Refactor the first prime index. 2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
982c42cb20 Try skipping over the adding and just picking a new random number. 
Generates a number coprime to 2, 3, 5, 7, 11.

Speed:
Trial div (add) : trial div (retry) : coprime
1 : 0.42 : 0.84
 2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
c09ec5d2a0 Generate safe primes not divisible by 3, 5 or 7. 
~2% speed improvement on trial division.
 2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
b0513819e0 Add a method to generate a prime that is guaranteed not to be divisible by 3 or 5. 
Possibly some reduction in bias, but no speed gains.
 2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
e46a059ebf Remove static from probable_prime_dh. 2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
e55fca760b Remove indentation from the goto targets. 2014-06-01 15:31:26 +01:00
Dr. Stephen Henson
3009244da4 Set default global mask to UTF8 only. 2014-06-01 15:03:00 +01:00
Andy Polyakov
e09ea622bb aesv8-armx.pl: add CTR implementation. 
Submitted by: Ard Biesheuvel.
 2014-05-29 22:45:35 +02:00
Dr. Stephen Henson
46d889f33e Set version number correctly. 
PR#3249
 2014-05-29 14:33:32 +01:00
František Bořánek
4da0ddc47e Fix memory leak. 
PR#3278
 2014-05-29 14:33:32 +01:00
Martin Kaiser
1c4575ebc3 remove duplicate 0x for default RSASSA-PSS salt len 2014-05-29 14:33:32 +01:00
Andy Polyakov
7cbdb975c2 aesp8-ppc.pl: optimize CBC decrypt even further. 
10-19% improvement depending on key length and endianness.
 2014-05-29 15:10:12 +02:00
Ben Laurie
ba4477d649 Make it build. 
Closes #31.
 2014-05-25 17:35:04 +01:00
Christian Heimes
56431240ae add test case to makefiles 2014-05-25 17:35:04 +01:00
Christian Heimes
4d4a535dcf Implement tests for PKCS#5 PBKDF2 HMAC 2014-05-25 17:35:04 +01:00
Dr. Stephen Henson
0930251df8 Don't use expired certificates if possible. 
When looking for the issuer of a certificate, if current candidate is
expired, continue looking. Only return an expired certificate if no valid
certificates are found.

PR#3359
 2014-05-25 04:50:15 +01:00
Dr. Stephen Henson
6c21b860ba Rename vpm_int.h to x509_lcl.h 2014-05-25 04:50:14 +01:00
Luiz Angelo Daros de Luca
dd36fce023 OpenSSL is able to generate a certificate with name constraints with any possible 
subjectAltName field. The Name Contraint example in x509v3_config(5) even use IP
as an example:

	nameConstraints=permitted;IP:192.168.0.0/255.255.0.0

However, until now, the verify code for IP name contraints did not exist. Any
check with a IP Address Name Constraint results in a "unsupported name constraint
type" error.

This patch implements support for IP Address Name Constraint (v4 and v6). This code
validaded correcly certificates with multiple IPv4/IPv6 address checking against
a CA certificate with these constraints:

	permitted;IP.1=10.9.0.0/255.255.0.0
	permitted;IP.2=10.48.0.0/255.255.0.0
	permitted;IP.3=10.148.0.0/255.255.0.0
	permitted;IP.4=fdc8:123f:e31f::/ffff:ffff:ffff::

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
 2014-05-23 23:05:38 +01:00
Andy Polyakov
fda29b6db0 aesp8-ppc.pl: add optimized CBC decrypt. 2014-05-23 20:15:06 +02:00
Andy Polyakov
b83d09f552 vpaes-ppc.pl: comply with ABI. 2014-05-23 20:14:38 +02:00
Ben Laurie
eb33348879 Check length first in BUF_strnlen(). 2014-05-22 10:13:22 +01:00
Ben Laurie
12f1b3e79f Remove redundant test. 2014-05-21 12:03:02 +01:00
Ben Laurie
dea4a18404 Implement BUF_strnlen() and use it instead of strlen(). 2014-05-21 11:58:03 +01:00
Viktor Dukhovni
397a8e747d Fixes to host checking. 
Fixes to host checking wild card support and add support for
setting host checking flags when verifying a certificate
chain.
 2014-05-21 11:31:28 +01:00
Dr. Stephen Henson
558c94efc0 Fix for PKCS12_create if no-rc2 specified. 
Use triple DES for certificate encryption if no-rc2 is
specified.

PR#3357
 2014-05-21 11:28:58 +01:00
Andy Polyakov
3e68273326 aesv8-armx.pl: fix typo. 2014-05-20 23:32:12 +02:00
Andy Polyakov
a0a17fcb75 aesv8-armx.pl: optimize by adding 128-bit code paths. 2014-05-20 22:50:28 +02:00
Ben Laurie
d8ac1ea77e Don't allocate more than is needed in BUF_strndup(). 2014-05-20 13:52:31 +01:00
Janpopan
ff626ba5f4 Fix a wrong parameter count ERR_add_error_data 2014-05-19 22:10:14 +01:00
Andy Polyakov
5727e4dab8 Add "teaser" AES module for ARMv8. 
"Teaser" means that it's initial proof-of-concept to build EVP module
upon.
 2014-05-19 08:46:44 +02:00
Andy Polyakov
f75faa16af Add "teaser" AES module for PowerISA 2.07. 
"Teaser" means that it's not integrated yet and purpose of this
commit is primarily informational, to exhibit design choices,
such as how to handle alignment and endianness. In other words
it's proof-of-concept code that EVP module will build upon.
 2014-05-12 10:35:29 +02:00
Kurt Roeckx
3b3ecce141 Set authkey to NULL and check malloc return value. 2014-05-12 00:20:08 +01:00
Martin Brejcha
00f3a236e0 dgram_sctp_ctrl: authkey memory leak 
PR: 3327
 2014-05-12 00:20:08 +01:00
Dr. Stephen Henson
0bcb17a777 Return an error if no recipient type matches. 
If the key type does not match any CMS recipient type return
an error instead of using a random key (MMA mitigation). This
does not leak any useful information to an attacker.

PR#3348
 2014-05-09 14:24:54 +01:00
Matt Caswell
2d2e0479eb Fixed NULL pointer dereference in PKCS7_dataDecode reported by David Ramos in PR#3339 2014-05-07 23:21:02 +01:00
Geoff Thorpe
fce3821111 evp: prevent underflow in base64 decoding 
This patch resolves RT ticket #2608.

Thanks to Robert Dugal for originally spotting this, and to David
Ramos for noticing that the ball had been dropped.

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
 2014-05-06 17:52:19 -04:00
Geoff Thorpe
12e9f627f9 bignum: allow concurrent BN_MONT_CTX_set_locked() 
The lazy-initialisation of BN_MONT_CTX was serialising all threads, as
noted by Daniel Sands and co at Sandia. This was to handle the case that
2 or more threads race to lazy-init the same context, but stunted all
scalability in the case where 2 or more threads are doing unrelated
things! We favour the latter case by punishing the former. The init work
gets done by each thread that finds the context to be uninitialised, and
we then lock the "set" logic after that work is done - the winning
thread's work gets used, the losing threads throw away what they've done.

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
 2014-05-06 17:43:35 -04:00
Dr. Stephen Henson
3ba1e406c2 Initialize num properly. 
PR#3289
PR#3345
 2014-05-06 14:07:37 +01:00
Dr. Stephen Henson
546b1b4384 Set Enveloped data version to 2 if ktri version not zero. 2014-05-06 13:59:05 +01:00
Tim Hudson
8bbfd94e36 - fix coverity issues 966593-966596 2014-05-06 00:02:31 +01:00
Andy Polyakov
b943b7d2c7 md5/asm/md5-[586|x86_64].pl: +15% on Atom. 
[MD5 is hardly relevant, just cleaning up repository]
 2014-05-04 16:56:00 +02:00
Andy Polyakov
496f2b148b C64x+ assembply pack: add RC4 module. 2014-05-04 16:39:59 +02:00
Andy Polyakov
bd227733b9 C64x+ assembly pack: make it work with older toolchain. 2014-05-04 16:38:32 +02:00
Andy Polyakov
9250a30692 sha/asm/sha1-armv4-large.pl: add NEON and ARMv8 code paths. 
sha/asm/sha256-armv4.pl: add ARMv8 code path.
 2014-05-04 10:57:55 +02:00
Andy Polyakov
4afa9f033d crypto/armcap.c: detect ARMv8 capabilities [in 32-bit build]. 2014-05-04 10:55:49 +02:00
David Ramos
16ba70746b Double free in i2o_ECPublicKey 
PR: 3338
 2014-05-04 00:46:20 +01:00
Geoff Thorpe
da12bfca51 dso: eliminate VMS code on non-VMS systems 
Even though the meat of dso_vms.c is compiled out on non-VMS builds,
the (pre-)compiler still traverses some of the macro handling. This
trips up at least one non-VMS build configuration, so this commit
makes the skip-VMS case more robust.

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
 2014-05-01 21:59:36 -04:00
Geoff Thorpe
a529261891 bignum: fix boundary condition in montgomery logic 
It's not clear whether this inconsistency could lead to an actual
computation error, but it involved a BIGNUM being passed around the
montgomery logic in an inconsistent state. This was found using flags
-DBN_DEBUG -DBN_DEBUG_RAND, and working backwards from this assertion
in 'ectest';

ectest: bn_mul.c:960: BN_mul: Assertion `(_bnum2->top == 0) ||
(_bnum2->d[_bnum2->top - 1] != 0)' failed

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
 2014-04-30 11:49:31 -04:00
mancha
e14f14d36e Fix eckey_priv_encode() 
Fix eckey_priv_encode to return an error on failure of i2d_ECPrivateKey.
 2014-04-26 07:59:13 +01:00
Geoff Thorpe
79c6c4e828 make depend 2014-04-25 14:31:05 -04:00
Andy Polyakov
f8cee9d081 bn/asm/armv4-gf2m.pl, modes/asm/ghash-armv4.pl: faster multiplication 
algorithm suggested in following paper:

Câmara, D.; Gouvêa, C. P. L.; López, J. & Dahab, R.: Fast Software
Polynomial Multiplication on ARM Processors using the NEON Engine.

http://conradoplg.cryptoland.net/files/2010/12/mocrysen13.pdf
 2014-04-24 10:24:53 +02:00
Andy Polyakov
558ff0f0c1 aes/asm/bsaes-x86_64.pl: Atom-specific optimization. 2014-04-24 10:13:30 +02:00
Ben Laurie
4ba5e63bfd Fix double frees. 2014-04-22 16:58:43 +01:00
Dr. Stephen Henson
300b9f0b70 Extension checking fixes. 
When looking for an extension we need to set the last found
position to -1 to properly search all extensions.

PR#3309.
 2014-04-15 18:50:53 +01:00
Dr. Stephen Henson
476830fd5b ssleay_rand_add returns a value in 1.1.0 2014-04-09 15:35:51 +01:00
Dr. Stephen Henson
f74fa33bce Return if ssleay_rand_add called with zero num. 
Treat a zero length passed to ssleay_rand_add a no op: the existing logic
zeroes the md value which is very bad. OpenSSL itself never does this
internally and the actual call doesn't make sense as it would be passing
zero bytes of entropy.

Thanks to Marcus Meissner <meissner@suse.de> for reporting this bug.
(cherry picked from commit 5be1ae28ef)
 2014-04-07 19:44:45 +01:00
Andy Polyakov
997d1aac7c crypto/modes/gcm128.c: more strict aliasing fixes. 2014-04-06 17:19:54 +02:00
Andy Polyakov
6eebcf3459 vpaes-[x86_64|ppc].pl: fix typo, which for some reason triggers rkhunter. 2014-04-06 12:50:36 +02:00
Eric Young
10378fb5f4 Fix base64 decoding bug. 
A short PEM encoded sequence if passed to the BIO, and the file
had 2 \n following would fail.

PR#3289
 2014-04-02 19:54:27 +01:00
Dr. Stephen Henson
b48310627d Don't try and verify signatures if key is NULL (CVE-2013-0166) 
Add additional check to catch this in ASN1_item_verify too.
(cherry picked from commit 66e8211c0b)
 2014-04-01 16:37:51 +01:00
Dr. Stephen Henson
2514fa79ac Add functions returning security bits. 
Add functions to return the "bits of security" for various public key
algorithms. Based on SP800-57.
 2014-03-28 14:49:04 +00:00
Dr. Stephen Henson
3a98f9cf20 Workaround for some CMS signature formats. 
Some CMS SignedData structure use a signature algorithm OID such
as SHA1WithRSA instead of the RSA algorithm OID. Workaround this
case by tolerating the signature if we recognise the OID.
 2014-03-19 17:28:01 +00:00
Dr. Stephen Henson
f9b6c0ba4c Fix for CVE-2014-0076 
Fix for the attack described in the paper "Recovering OpenSSL
ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
by Yuval Yarom and Naomi Benger. Details can be obtained from:
http://eprint.iacr.org/2014/140

Thanks to Yuval Yarom and Naomi Benger for discovering this
flaw and to Yuval Yarom for supplying a fix.
(cherry picked from commit 2198be3483)

Conflicts:

	CHANGES
 2014-03-12 14:29:43 +00:00
Andy Polyakov
5e44c144e6 SPARC T4 assembly pack: treat zero input length in CBC. 
The problem is that OpenSSH calls EVP_Cipher, which is not as
protective as EVP_CipherUpdate. Formally speaking we ought to
do more checks in *_cipher methods, including rejecting
lengths not divisible by block size (unless ciphertext stealing
is in place). But for now I implement check for zero length in
low-level based on precedent.

PR: 3087, 2775
 2014-03-07 10:30:37 +01:00
Andy Polyakov
53e5161231 dh_check.c: check BN_CTX_get's return value. 2014-03-06 14:19:37 +01:00
Andy Polyakov
972b0dc350 bss_dgram.c,d1_lib.c: make it compile with mingw. 
Submitted by: Roumen Petrov
 2014-03-06 14:04:56 +01:00
Dr. Stephen Henson
315cd871c4 For self signed root only indicate one error. 
(cherry picked from commit bdfc0e284c)
 2014-03-03 23:36:46 +00:00
Dr. Stephen Henson
5693a30813 PKCS#8 support for alternative PRFs. 
Add option to set an alternative to the default hmacWithSHA1 PRF
for PKCS#8 private key encryptions. This is used automatically
by PKCS8_encrypt if the nid specified is a PRF.

Add option to pkcs8 utility.

Update docs.
(cherry picked from commit b60272b01f)
 2014-03-01 23:16:08 +00:00
Dr. Stephen Henson
01757858fe Fix memory leak. 
(cherry picked from commit 124d218889)
 2014-03-01 23:15:53 +00:00
Andy Polyakov
b62a4a1c0e perlasm/x86asm.pl: recognize elf-1 denoting old ELF platforms. 2014-02-27 14:26:12 +01:00
Andy Polyakov
ce876d8316 perlasm/x86gas.pl: limit special OPENSSL_ia32cap_P treatment to ELF. 2014-02-27 14:22:13 +01:00
Andy Polyakov
f861b1d433 rc4/asm/rc4-586.pl: allow for 386-only build. 2014-02-27 14:19:19 +01:00
Andy Polyakov
fd361a67ef des/asm/des-586.pl: shortcut reference to DES_SPtrans. 2014-02-27 14:17:43 +01:00
Rob Stradling
52f71f8181 CABForum EV OIDs for Subject Jurisdiction of Incorporation or Registration. 2014-02-26 15:33:11 +00:00
Andy Polyakov
d49135e7ea sha/asm/sha256-586.pl: don't try to compile SIMD with no-sse2. 2014-02-26 10:22:13 +01:00
Andy Polyakov
147cca8f53 sha/asm/sha512-x86_64.pl: fix compilation error on Solaris. 2014-02-26 09:30:03 +01:00
Andy Polyakov
e704741bf3 aes/asm/vpaes-ppc.pl: fix traceback info. 2014-02-25 20:11:34 +01:00
Dr. Stephen Henson
e0520c65d5 Don't use BN_ULLONG in n2l8 use SCTS_TIMESTAMP. 
(cherry picked from commit 3678161d71)
 2014-02-25 15:06:51 +00:00
Dr. Stephen Henson
3a325c60a3 Fix for v3_scts.c 
Not all platforms define BN_ULLONG. Define SCTS_TIMESTAMP as a type
which should work on all platforms.
(cherry picked from commit 6634416732)
 2014-02-25 14:56:31 +00:00
Dr. Stephen Henson
a4cc3c8041 Avoid Windows 8 Getversion deprecated errors. 
Windows 8 SDKs complain that GetVersion() is deprecated.

We only use GetVersion like this:

	(GetVersion() < 0x80000000)

which checks if the Windows version is NT based. Use a macro check_winnt()
which uses GetVersion() on older SDK versions and true otherwise.
 2014-02-25 13:40:33 +00:00
Rob Stradling
19f65ddbab Parse non-v1 SCTs less awkwardly. 2014-02-25 10:14:51 +00:00
Andy Polyakov
758954e0d8 x509/by_dir.c: fix run-away pointer (and potential SEGV) 
when adding duplicates in add_cert_dir.

PR: 3261
Reported by: Marian Done
 2014-02-24 15:16:56 +01:00
Andy Polyakov
214368ffee aes/asm/aesni-x86[_64].pl: minor Atom-specific performance tweak. 2014-02-21 12:14:04 +01:00
Dr. Stephen Henson
47739161c6 fix WIN32 warnings 
(cherry picked from commit b709f8ef54)
 2014-02-20 22:55:24 +00:00
Dr. Stephen Henson
ded18639d7 Move CT viewer extension code to crypto/x509v3 2014-02-20 18:48:56 +00:00
Dr. Stephen Henson
4cfeb00be9 make depend 2014-02-19 20:09:08 +00:00
Dr. Stephen Henson
84917787b5 Remove references to o_time.h 2014-02-19 20:06:13 +00:00
Ben Laurie
ff49a94439 Move gmtime functions to crypto.h. 2014-02-19 18:02:04 +00:00
Ben Laurie
c0482547b3 Reverse export of o_time.h. 2014-02-19 17:57:07 +00:00
Ben Laurie
765e9ba911 Merge branch 'sct-viewer-master' of https://github.com/robstradling/openssl into sct-viewer 2014-02-19 17:17:14 +00:00
Rob Stradling
b263f21246 Move the SCT List extension parser into libssl. 
Add the extension parser in the s_client, ocsp and x509 apps.
 2014-02-19 13:12:46 +00:00
Dr. Stephen Henson
6ecbc2bb62 Don't use CRYPTO_AES_CTR if it isn't defined. 2014-02-18 22:20:30 +00:00
Dr. Stephen Henson
5a7652c3e5 Remove duplicate statement. 2014-02-15 01:27:56 +00:00
Klaus-Peter Junghanns
be2c4d9bd9 Add support for aes-128/192/256-ctr to the cryptodev engine. 
This can be used to speed up SRTP with libsrtp, e.g. on TI omap/sitara based devices.
 2014-02-15 00:01:40 +00:00
Rob Stradling
dcfe8df148 Show the contents of the RFC6962 Signed Certificate Timestamp List Certificate/OCSP Extensions. 
Add the RFC6962 OIDs to the objects table.
 2014-02-14 23:24:35 +00:00
Scott Schaefer
2b4ffc659e Fix various spelling errors 2014-02-14 22:29:12 +00:00
Andy Polyakov
701134320a ssl/s3_pkt.c: detect RAND_bytes error in multi-block. 2014-02-14 17:43:31 +01:00
Andy Polyakov
f4d456408d x86[_64]cpuid.pl: add low-level RDSEED. 2014-02-14 17:24:12 +01:00
Andy Polyakov
5599c7331b aes/asm/aesni-x86_64.pl: further optimization for Atom Silvermont. 
Improve CBC decrypt and CTR by ~13/16%, which adds up to ~25/33%
improvement over "pre-Silvermont" version. [Add performance table to
aesni-x86.pl].
 2014-02-14 17:06:15 +01:00
Dr. Stephen Henson
385b348666 Include TA in checks/callback with partial chains. 
When a chain is complete and ends in a trusted root checks are also
performed on the TA and the callback notified with ok==1. For
consistency do the same for chains where the TA is not self signed.
 2014-02-14 15:07:01 +00:00
Dr. Stephen Henson
2dac2667d1 Don't do loop detection for self signed check. 2014-02-14 14:52:23 +00:00
Dr. Stephen Henson
847865d0f9 Add suppot for ASCII with CRLF canonicalisation. 2014-02-13 14:35:56 +00:00
Andy Polyakov
9587429fa0 evp/e_aes_cbc_hmac_sha*.c: improve cache locality. 2014-02-13 14:39:55 +01:00
Andy Polyakov
98e143f118 ghash-x86[_64].pl: ~15% improvement on Atom Silvermont 
(other processors unaffected).
 2014-02-13 14:37:28 +01:00
Ben Laurie
fc92396976 Fix warning. 2014-02-13 03:11:58 +00:00
Andy Polyakov
5a42c8f07f e_aes_cbc_hmac_sha[1|256].c: fix compiler warning. 2014-02-05 16:38:22 +01:00
Andy Polyakov
0d5096fbd6 evp/e_aes_cbc_hmac_sha*.c: additional CTRL to query buffer requirements. 2014-02-05 14:05:08 +01:00
Andy Polyakov
3847d15d6b [aesni|sha*]-mb-x86_64.pl: add data prefetching. 2014-02-05 14:03:35 +01:00
Andy Polyakov
d162584b11 modes/asm/ghash-s390x.pl: +15% performance improvement on z10. 2014-02-02 00:09:17 +01:00
Andy Polyakov
d8ba0dc977 crypto/aes/asm/aesni-x86[_64].pl update, up to 14% improvement on 
Atom Silvermont. On other CPUs one can observe 1% loss on some
algorithms.
 2014-02-01 21:13:49 +01:00
Andy Polyakov
b217ca63b1 crypto/sha/asm/sha1-x86_64.pl update: 
+5% on Atom Silvermont, up to +8% improvement of legacy code.
Harmonize sha1-586.pl and aesni-sha1-x86_86.p with sha1-x86_64.pl.
 2014-02-01 21:07:16 +01:00
Dr. Stephen Henson
e933f91f50 Add loaded dynamic ENGINEs to list. 
Always add a dynamically loaded ENGINE to list. Otherwise it can cause
problems when multiply loaded, especially if it adds new public key methods.
For all current engines we only want a single implementation anyway.
 2014-01-28 13:51:58 +00:00
Dr. Stephen Henson
ec492c8a5a Compare encodings in X509_cmp as well as hash. 2014-01-26 16:29:50 +00:00
Dr. Stephen Henson
9f10e9293b typo 2014-01-12 14:13:48 +00:00
Dr. Stephen Henson
ef643cc7bd Use rdrand as additional entropy source. 
If available rdrand is used as an additional entropy source for the
PRNG and for additional input in FIPS mode.
 2014-01-11 14:19:25 +00:00
Dr. Stephen Henson
8f4077ca69 Fix bug in X509_V_FLAG_IGNORE_CRITICAL CRL handling. 2014-01-09 22:52:49 +00:00
Andy Polyakov
eedab5241e bn/asm/x86_64-mont5.pl: fix compilation error on Solaris. 2014-01-09 13:44:59 +01:00
Andy Polyakov
5dc52b919b PPC assembly pack: relax 64-bit requirement for little-endian support. 2014-01-07 22:44:21 +01:00
Andy Polyakov
1fb83a3bc2 aes/asm/vpaes-ppc.pl: add little-endian support. 2014-01-07 16:48:04 +01:00
Andy Polyakov
ad0d2579cf sha/asm/sha256-armv4.pl: add NEON code path. 
(and shave off cycle even from integer-only code)
 2014-01-04 18:04:53 +01:00
Andy Polyakov
25f7117f0e aesni-sha1-x86_64.pl: refine Atom-specific optimization. 
(and update performance data, and fix typo)
 2014-01-04 17:13:57 +01:00
Andy Polyakov
2f3af3dc36 aesni-sha1-x86_64.pl: add stiched decrypt procedure, 
but keep it disabled, too little gain... Add some Atom-specific
optimization.
 2014-01-03 21:40:08 +01:00
Andy Polyakov
926725b3d7 sparcv9cap.c: omit random detection. 
PR: 3202
 2013-12-28 13:31:14 +01:00
Andy Polyakov
2218c296b4 ARM assembly pack: make it work with older toolchain. 2013-12-28 12:17:08 +01:00
Dr. Stephen Henson
cd30f03ac5 Canonicalise input in CMS_verify. 
If content is detached and not binary mode translate the input to
CRLF format. Before this change the input was verified verbatim
which lead to a discrepancy between sign and verify.
 2013-12-22 00:35:29 +00:00
Dr. Stephen Henson
560b34f2b0 Ignore NULL parameter in EVP_MD_CTX_destroy. 
(cherry picked from commit a6c62f0c25)
 2013-12-20 23:32:25 +00:00
Andy Polyakov
fc0503a25c sha1-x86_64.pl: harmonize Win64 SE handlers for SIMD code pathes. 
(and ensure stack alignment in the process)
 2013-12-18 22:12:08 +01:00
Andy Polyakov
e9c80e04c1 evp/e_[aes|camellia].c: fix typo in CBC subroutine. 
It worked because it was never called.
 2013-12-18 21:42:46 +01:00
Andy Polyakov
f0f4b8f126 PPC assembly pack update addendum. 2013-12-18 21:39:15 +01:00
Andy Polyakov
cdd1acd788 sha512.c: fullfull implicit API contract in SHA512_Transform. 
SHA512_Transform was initially added rather as tribute to tradition
than for practucal reasons. But use was recently found in ssl/s3_cbc.c
and it turned to be problematic on platforms that don't tolerate
misasligned references to memory and lack assembly subroutine.
 2013-12-18 21:27:35 +01:00
Andy Polyakov
128e1d101b PPC assembly pack: improve AIX support (enable vpaes-ppc). 2013-12-18 21:19:08 +01:00
Dr. Stephen Henson
4a253652ee Add opaque ID structure. 
Move the IP, email and host checking fields from the public
X509_VERIFY_PARAM structure into an opaque X509_VERIFY_PARAM_ID
structure. By doing this the structure can be modified in future
without risk of breaking any applications.
(cherry picked from commit adc6bd73e3)

Conflicts:

	crypto/x509/x509_vpm.c
 2013-12-13 15:42:16 +00:00
Dr. Stephen Henson
102302b05b Fix for partial chain notification. 
For consistency with other cases if we are performing
partial chain verification with just one certificate
notify the callback with ok==1.
(cherry picked from commit 852553d9005e13aed7feb986a5d71cb885b994c7)
 2013-12-13 15:39:55 +00:00
Dr. Stephen Henson
8a1956f3ea Don't use rdrand engine as default unless explicitly requested. 
(cherry picked from commit 16898401bd47a153fbf799127ff57fdcfcbd324f)
 2013-12-13 15:39:55 +00:00
Andy Polyakov
41965a84c4 x86_64-xlate.pl: minor update. 2013-12-09 21:23:19 +01:00
Andy Polyakov
ec9cc70f72 bn/asm/x86_64-mont5.pl: add MULX/AD*X code path. 
This also eliminates code duplication between x86_64-mont and x86_64-mont
and optimizes even original non-MULX code.
 2013-12-09 21:02:24 +01:00
Andy Polyakov
d1671f4f1a bn/asm/armv4-mont.pl: add NEON code path. 2013-12-04 22:37:49 +01:00
Andy Polyakov
26e18383ef perlasm/ppc-xlate.pl: add support for AltiVec/VMX and VSX. 
Suggested by: Marcello Cerri
 2013-12-04 22:01:31 +01:00
Andy Polyakov
f586d97191 perlasm/ppc-xlate.pl: improve linux64le support. 
Suggested by: Marcello Cerri
 2013-12-04 21:47:43 +01:00
Andy Polyakov
a61e51220f aes/asm/vpaes-ppc.pl: comply with ABI. 2013-12-04 21:46:40 +01:00
Andy Polyakov
c5d5f5bd0f bn/asm/x86_64-mont5.pl: comply with Win64 ABI. 
PR: 3189
Submitted by: Oscar Ciurana
 2013-12-03 23:59:55 +01:00
Andy Polyakov
8bd7ca9996 crypto/bn/asm/rsaz-x86_64.pl: make it work on Win64. 2013-12-03 22:28:48 +01:00
Andy Polyakov
31ed9a2131 crypto/bn/rsaz*: fix licensing note. 
rsaz_exp.c: harmonize line terminating;
asm/rsaz-*.pl: minor optimizations.
 2013-12-03 22:08:29 +01:00
Andy Polyakov
6efef384c6 bn/asm/rsaz-x86_64.pl: fix prototype. 2013-12-03 09:43:06 +01:00
Andy Polyakov
89bb96e51d vpaes-ppc.pl: fix bug in IV handling and comply with ABI. 2013-11-29 14:40:51 +01:00
Andy Polyakov
b9e87d07cb ppc64-mont.pl: eliminate dependency on GPRs' upper halves. 2013-11-27 22:50:00 +01:00
Andy Polyakov
07f3e4f3f9 Take vpaes-ppc module into loop. 2013-11-27 22:39:13 +01:00
Andy Polyakov
b5c54c914f Add Vector Permutation AES for PPC. 2013-11-27 22:32:56 +01:00
Dr. Stephen Henson
0f7fa1b190 Constify. 
(cherry picked from commit 1abfa78a8b)
 2013-11-14 21:05:36 +00:00
Dr. Stephen Henson
afa23c46d9 Flag to disable automatic copying of contexts. 
Some functions such as EVP_VerifyFinal only finalise a copy of the passed
context in case an application wants to digest more data. Doing this when
it is not needed is inefficient and many applications don't require it.

For compatibility the default is to still finalise a copy unless the
flag EVP_MD_CTX_FLAG_FINALISE is set in which case the passed
context is finalised an *no* further data can be digested after
finalisation.
 2013-11-13 23:48:35 +00:00
Andy Polyakov
2df9ec01d5 srp/srp_grps.h: make it Compaq C-friendly. 
PR: 3165
Submitted by: Daniel Richard G.
 2013-11-12 22:09:55 +01:00
Andy Polyakov
5b63a39241 modes/asm/ghash-alpha.pl: fix typo. 2013-11-12 21:52:18 +01:00
Andy Polyakov
d1cf23ac86 Make Makefiles OSF-make-friendly. 
PR: 3165
 2013-11-12 21:51:37 +01:00
Dr. Stephen Henson
16bc45ba95 Fix memory leak. 2013-11-11 22:39:40 +00:00
Dr. Stephen Henson
85c9ba2342 Support setting of "no purpose" for trust. 
If the oid parameter is set to NULL in X509_add1_trust_object
create an empty list of trusted purposes corresponding to
"no purpose" if trust is checked.
 2013-11-11 22:39:23 +00:00
Dr. Stephen Henson
dd274b1c1c Fix for some platforms where "char" is unsigned. 2013-11-09 15:09:23 +00:00
Dr. Stephen Henson
da15c61608 Add CMS_SignerInfo_get0_signature function. 
Add function to retrieve the signature from a CMS_SignerInfo structure:
applications can then read or modify it.
 2013-11-09 15:09:23 +00:00
Dr. Stephen Henson
534e5fabad Check for missing components in RSA_check. 2013-11-09 15:09:23 +00:00
Andy Polyakov
33446493f4 modes/asm/ghash-alpha.pl: make it work with older assembler for real. 
PR: 3165
 2013-11-09 11:41:59 +01:00
Andy Polyakov
d24d1d7daf modes/asm/ghash-alpha.pl: make it work with older assembler. 
PR: 3165
 2013-11-08 22:56:44 +01:00
Dr. Stephen Henson
b0513fd2bb Initialise context before using it. 
(cherry picked from commit a4947e4e06)
 2013-11-06 13:19:13 +00:00
Ben Laurie
c10e3f0cff PBKDF2 should be efficient. Contributed by Christian Heimes 
<christian@python.org>.
 2013-11-03 17:23:50 +00:00
Robin Seggelmann
b814081136 DTLS/SCTP struct authchunks Bug 
PR: 2809

DTLS/SCTP requires DATA and FORWARD-TSN chunks to be protected with
SCTP-AUTH.  It is checked if this has been activated successfully for
the local and remote peer. Due to a bug, however, the
gauth_number_of_chunks field of the authchunks struct is missing on
FreeBSD, and was therefore not considered in the OpenSSL implementation.
This patch sets the corresponding pointer for the check correctly
whether or not this bug is present.
(cherry picked from commit f596e3c491)
 2013-11-01 21:41:52 +00:00
Andy Polyakov
fb65e65e28 sha/asm/sha512-ppc.pl: fix typo. 
Submitted by: Marcelo Cerri
 2013-10-31 20:21:54 +01:00
Andy Polyakov
0e0a105364 perlas/ppc-xlate.pl: fix typo. 2013-10-31 11:58:50 +01:00
Andy Polyakov
c944f81703 aes/asm/aes-ppc.pl: add little-endian support. 
Submitted by: Marcelo Cerri
 2013-10-31 11:41:26 +01:00
Andy Polyakov
8ff8a829b0 perlasm/ppc-xlate.pl: add .quad directive 
sha/asm/sha512-ppc.pl: add little-endian support.

Submitted by: Marcelo Cerri
 2013-10-31 11:08:51 +01:00
Andy Polyakov
3f9562a669 sha/asm/sha1-ppc.pl: add little-endian support. 
Submitted by: Marcelo Cerri
 2013-10-31 11:07:38 +01:00
Andy Polyakov
4eeb750d20 bn/asm/x86_64-mont.pl: minor optimization [for Decoded ICache]. 2013-10-25 10:14:20 +02:00
Lubomir Rintel
ed77017b59 POD: Fix list termination 
This fixes problems in POD list formatting: extra or missing =back
sequences.

doc/ssl/SSL_CTX_set1_curves.pod around line 90: =back without =over
doc/ssl/SSL_CTX_set1_verify_cert_store.pod around line 73: =back without =over
doc/ssl/SSL_CTX_add1_chain_cert.pod around line 82: =back without =over
doc/crypto/evp.pod around line 40: '=item' outside of any '=over'
crypto/des/des.pod around line 184: You forgot a '=back' before '=head1'

PR#3147
 2013-10-22 07:38:25 +01:00
Dr. Stephen Henson
c051e521a7 Time value for various platforms. 
The function gettimeofday() is not supported on all platforms. Use
more portable versions. Adapted from FIPS code.
 2013-10-20 22:07:36 +01:00
Andy Polyakov
76c15d790e PPC assembly pack: make new .size directives profiler-friendly. 
Suggested by: Anton Blanchard
 2013-10-15 23:40:12 +02:00
Dr. Stephen Henson
579a759071 Fix warning. 2013-10-15 11:33:30 +01:00
Dr. Stephen Henson
da317b94d9 Add test vectors from RFC7027 2013-10-15 11:33:30 +01:00
Dr. Stephen Henson
7f5fd314c0 Sync OID numbers with 1.0.2 branch. 2013-10-15 11:33:30 +01:00
Andy Polyakov
d6019e1654 PPC assembly pack: add .size directives. 2013-10-15 00:14:39 +02:00
Andy Polyakov
30b9c2348d bn/asm/*x86_64*.pl: correct assembler requirement for ad*x. 2013-10-14 22:41:00 +02:00
Andy Polyakov
039081b809 Initial aarch64 bits. 2013-10-13 19:15:15 +02:00
Andy Polyakov
0c2adb0a9b MIPS assembly pack: get rid of deprecated instructions. 
Latest MIPS ISA specification declared 'branch likely' instructions
obsolete. To makes code future-proof replace them with equivalent.
 2013-10-13 13:14:52 +02:00
Andy Polyakov
b4f0abd246 evp/e_aes_cbc_hmac_sha*.c: limit multi-block fragmentation to 1KB. 
Excessive fragmentation put additional burden (of addtional MAC
calculations) on the other size and limiting fragments it to 1KB
limits the overhead to ~6%.
 2013-10-12 22:10:28 +02:00
Andy Polyakov
7e1e3334f6 aes/asm/bsaes-x86_64.pl: fix Windows-specific bug in XTS. 
PR: 3139
 2013-10-12 21:37:55 +02:00
Andy Polyakov
fa104be35e bn/asm/rsax-avx2.pl: minor optimization [for Decoded ICache]. 2013-10-10 23:06:43 +02:00
Andy Polyakov
37de2b5c1e bn/bn_exp.c: prefer MULX/AD*X over AVX2. 2013-10-09 11:08:52 +02:00
Andy Polyakov
a69c0a1be5 evp/e_aes_cbc_hmac_sha*.c: harmonize names, fix bugs. 2013-10-08 23:39:26 +02:00
Andy Polyakov
b1de640f03 evp/evp.h: add multi-block contstants and parameter type. 2013-10-08 23:38:05 +02:00
Andy Polyakov
61ba602af5 sha/asm/sha*-mb-x86_64.pl: commentary update. 2013-10-08 23:36:55 +02:00
Ben Laurie
c45a48c186 Constification. 2013-10-07 12:45:26 +01:00
Andy Polyakov
6f6a613032 aes/asm/bsaes-*.pl: improve decrypt performance. 
Improve decrypt performance by 10-20% depending on platform. Thanks
to Jussi Kivilinna for providing valuable hint. Also thanks to Ard
Biesheuvel.
 2013-10-03 23:08:31 +02:00
Andy Polyakov
524b00c0da evp/e_des3.c: fix typo with potential integer overflow on 32-bit platforms. 
Submitted by: Yuriy Kaminskiy
 2013-10-03 10:55:49 +02:00
Andy Polyakov
6b2cae0c16 perlasm/sparcv9_modes.pl: make it work even with seasoned perl. 
PR: 3130
 2013-10-03 10:42:11 +02:00
Andy Polyakov
a5bb5bca52 bn/asm/x86_64-mont*.pl: add MULX/ADCX/ADOX code path. 2013-10-03 00:45:04 +02:00
Andy Polyakov
87954638a6 rsaz-x86_64.pl: add MULX/ADCX/ADOX code path. 2013-10-03 00:30:12 +02:00
Andy Polyakov
667053a2f3 x86_64-xlate.pl: fix jrcxz in nasm case. 2013-10-03 00:26:09 +02:00
Andy Polyakov
7f893258f6 evp/e_aes_cbc_hmac_sha*.c: multi-block glue code. 2013-10-03 00:24:03 +02:00
Andy Polyakov
6bcb68da41 Configire: take multi-block modules into build loop. 2013-10-03 00:21:10 +02:00
Andy Polyakov
b783858654 x86_64 assembly pack: add multi-block AES-NI, SHA1 and SHA256. 2013-10-03 00:18:58 +02:00
Andy Polyakov
5f487e0317 evp/e_aes_cbc_hmac_sha256.c: enable is on all AES-NI platforms, not only on AVX. 2013-10-03 00:16:51 +02:00