Commit Graph

9375 Commits

Author SHA1 Message Date
Andy Polyakov e3a510f8a6 Add GHASH x86 assembler. 2010-03-09 23:03:33 +00:00
Dr. Stephen Henson b17bdc7734 PR: 2188
Submitted By: Jaroslav Imrich <jaroslav.imrich@disig.sk>

Add "missing" functions to get and set prompt constructor.
2010-03-09 17:24:33 +00:00
Dr. Stephen Henson a0e4a8e10a PR: 2186
Submitted By: "Joel Rabinovitch" <Joel.Rabinovitch@tecsys.com>

Detect aix64-gcc
2010-03-09 17:08:48 +00:00
Dr. Stephen Henson d6eebf6d8a reserve a few more bits for future cipher modes 2010-03-08 23:48:21 +00:00
Andy Polyakov 2262beef2e gcm128.c: add option for streamed GHASH, simple benchmark, minor naming
change.
2010-03-08 22:44:37 +00:00
Dr. Stephen Henson 31904ecdf3 RSA PSS verification support including certificates and certificate
requests. Add new ASN1 signature initialisation function to handle this
case.
2010-03-08 18:10:35 +00:00
Dr. Stephen Henson a4d9c12f99 correct error code 2010-03-08 18:07:05 +00:00
Dr. Stephen Henson 809cd0a22d print outermost signature algorithm parameters too 2010-03-07 17:02:47 +00:00
Dr. Stephen Henson bea29921a8 oops 2010-03-07 16:41:54 +00:00
Dr. Stephen Henson 7ed485bc9f The OID sanity check was incorrect. It should only disallow *leading* 0x80
values.
2010-03-07 16:40:05 +00:00
Dr. Stephen Henson 069d4cfea5 although AES is a variable length cipher, AES EVP methods have a fixed key length 2010-03-07 15:54:26 +00:00
Dr. Stephen Henson 49436b59b5 oops, make EVP ctr mode work again 2010-03-07 15:52:41 +00:00
Dr. Stephen Henson 9ef6fe8c2e typo 2010-03-07 15:37:37 +00:00
Dr. Stephen Henson 63b825c9d4 add separate PSS decode function, rename PSS parameters to RSA_PSS_PARAMS 2010-03-07 13:34:51 +00:00
Dr. Stephen Henson 77f4b6ba4f add MGF1 digest ctrl 2010-03-07 13:34:15 +00:00
Dr. Stephen Henson a5667732b9 update ASN1 sign/verify to use EVP_DigestSign and EVP_DigestVerify 2010-03-07 12:05:45 +00:00
Dr. Stephen Henson 1708456220 don't add digest alias if signature algorithm is undefined 2010-03-06 20:47:30 +00:00
Dr. Stephen Henson ff04bbe363 Add PSS algorithm printing. This is an initial step towards full PSS support.
Uses ASN1 module in Martin Kaiser's PSS patch.
2010-03-06 19:55:25 +00:00
Dr. Stephen Henson 148924c1f4 fix indent, newline 2010-03-06 18:14:13 +00:00
Dr. Stephen Henson fa1ba589f3 Add algorithm specific signature printing. An individual ASN1 method can
now print out signatures instead of the standard hex dump.

More complex signatures (e.g. PSS) can print out more meaningful information.

Sample DSA version included that prints out the signature parameters r, s.

[Note EVP_PKEY_ASN1_METHOD is an application opaque structure so adding
 new fields in the middle has no compatibility issues]
2010-03-06 18:05:05 +00:00
Dr. Stephen Henson 8c4ce7bab2 Fix memory leak: free up ENGINE functional reference if digest is not
found in an ENGINE.
2010-03-05 13:33:21 +00:00
Dr. Stephen Henson bb845ee044 Add -engine_impl option to dgst which will use an implementation of
an algorithm from the supplied engine instead of just the default one.
2010-03-05 13:28:21 +00:00
Dr. Stephen Henson b5cfc2f590 option to replace extensions with new ones: mainly for creating cross-certificates 2010-03-03 20:13:30 +00:00
Dr. Stephen Henson ebaa2cf5b2 PR: 2183
PR#1999 broke fork detection by assuming HAVE_FORK was set for all platforms.
Include original HAVE_FORK detection logic while allowing it to be
overridden on specific platforms with -DHAVE_FORK=1 or -DHAVE_FORK=0
2010-03-03 19:56:34 +00:00
Dr. Stephen Henson cca1cd9a34 Submitted by: Tomas Hoger <thoger@redhat.com>
Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
could be crashed if the relevant tables were not present (e.g. chrooted).
2010-03-03 15:41:18 +00:00
Dr. Stephen Henson 2c772c8700 don't mix definitions and code 2010-03-03 15:30:42 +00:00
Andy Polyakov e7f5b1cd42 Initial version of Galois Counter Mode implementation. Interface is still
subject to change...
2010-03-02 16:33:25 +00:00
Andy Polyakov 80dfadfdf3 ppccap.c: portability fix. 2010-03-02 16:28:29 +00:00
Andy Polyakov d8c7bd6e11 Fix s390x-specific HOST_l2c|c2l.
Submitted by: Andreas Krebbel
2010-03-02 16:23:40 +00:00
Dr. Stephen Henson f84c85b0e3 PR: 2178
Submitted by: "Kennedy, Brendan" <brendan.kennedy@intel.com>

Handle error codes correctly: cryptodev returns 0 for success whereas OpenSSL
returns 1.
2010-03-01 23:54:47 +00:00
Dr. Stephen Henson a05b8d0ede use supplied ENGINE in genrsa 2010-03-01 14:22:21 +00:00
Dr. Stephen Henson ff2fdbf2f8 oops, reinstate correct prototype 2010-03-01 03:01:27 +00:00
Dr. Stephen Henson da3955256d 'typo' 2010-03-01 01:53:34 +00:00
Dr. Stephen Henson 5e28ccb798 make USE_CRYPTODEV_DIGESTS work 2010-03-01 01:19:18 +00:00
Dr. Stephen Henson a6575572c6 load cryptodev if HAVE_CRYPTODEV is set too 2010-03-01 00:40:10 +00:00
Dr. Stephen Henson c3951d8973 update cryptodev to match 1.0.0 stable branch version 2010-03-01 00:37:58 +00:00
Ben Laurie 19ec2f4194 Fix warnings (note that gcc 4.2 has a bug that makes one of its
warnings hard to fix without major surgery).
2010-02-28 14:22:56 +00:00
Dr. Stephen Henson 2b13f80360 algorithms field has changed in 1.0.0 and later: update 2010-02-28 00:24:04 +00:00
Dr. Stephen Henson 40c5eaeeec oops, revert verify.c change 2010-02-27 23:03:26 +00:00
Dr. Stephen Henson c1ca9d3238 Add Kerberos fix which was in 0.9.8-stable but never committed to HEAD and
1.0.0. Original fix was on 2007-Mar-09 and had the log message: "Fix kerberos
ciphersuite bugs introduced with PR:1336."
2010-02-27 23:02:41 +00:00
Dr. Stephen Henson 48435b2098 include TVS 1.1 version string 2010-02-26 19:38:33 +00:00
Dr. Stephen Henson 37c541faed Revert CFB block length change. Despite what SP800-38a says the input to
CFB mode does *not* have to be a multiple of the block length and several
other specifications (e.g. PKCS#11) do not require this.
2010-02-26 14:41:58 +00:00
Dr. Stephen Henson 0f776277bc oops, use correct date 2010-02-26 12:13:36 +00:00
Dr. Stephen Henson 5814d829e6 update NEWS 2010-02-25 18:20:30 +00:00
Dr. Stephen Henson f6bb465f87 update FAQ 2010-02-25 18:18:46 +00:00
Dr. Stephen Henson db28aa86e0 add -trusted_first option and verify flag 2010-02-25 12:21:48 +00:00
Dr. Stephen Henson 2da2ff5065 tidy verify code. xn not used any more and check for self signed more efficiently 2010-02-25 11:18:26 +00:00
Dr. Stephen Henson fbd2164044 Experimental support for partial chain verification: if an intermediate
certificate is explicitly trusted (using -addtrust option to x509 utility
for example) the verification is successful even if the chain is not complete.
2010-02-25 00:17:22 +00:00
Dr. Stephen Henson 04e4b82726 allow setting of verify names in command line utilities and print out verify names in verify utility 2010-02-25 00:11:32 +00:00
Dr. Stephen Henson 9b3d75706e verify parameter enumeration functions 2010-02-25 00:08:23 +00:00