oweals/openssl.git
18 years ago Allow for mingw cross-compile configuration.
Andy Polyakov [Mon, 23 Oct 2006 07:30:19 +0000 (07:30 +0000)]
Allow for mingw cross-compile configuration.

18 years ago Make c_rehash more platform neutral and make it work in a mixed environment,
Andy Polyakov [Sat, 21 Oct 2006 16:28:03 +0000 (16:28 +0000)]
Make c_rehash more platform neutral and make it work in a mixed environment,
such as MSYS with "native" Win32 perl.

18 years ago Rudimentary support for cross-compiling.
Andy Polyakov [Sat, 21 Oct 2006 13:38:16 +0000 (13:38 +0000)]
Rudimentary support for cross-compiling.

18 years ago Align data payload for better performance.
Andy Polyakov [Fri, 20 Oct 2006 11:26:00 +0000 (11:26 +0000)]
Align data payload for better performance.

18 years ago Avoid application relink on every make invocation.
Andy Polyakov [Fri, 20 Oct 2006 11:23:35 +0000 (11:23 +0000)]
Avoid application relink on every make invocation.

18 years ago Gcc over-optimizes PadLock AES CFB codepath, tell it not to.
Andy Polyakov [Thu, 19 Oct 2006 20:55:05 +0000 (20:55 +0000)]
Gcc over-optimizes PadLock AES CFB codepath, tell it not to.

18 years ago Temporary fix for sha256 IA64 assembler.
Andy Polyakov [Wed, 18 Oct 2006 09:42:56 +0000 (09:42 +0000)]
Temporary fix for sha256 IA64 assembler.

18 years ago Fix bug in big-endian path and optimize it for size.
Andy Polyakov [Wed, 18 Oct 2006 08:15:16 +0000 (08:15 +0000)]
Fix bug in big-endian path and optimize it for size.

18 years ago Typo in perlasm/x86asm.pl.
Andy Polyakov [Tue, 17 Oct 2006 16:21:28 +0000 (16:21 +0000)]
Typo in perlasm/x86asm.pl.

18 years ago Further synchronizations with md32_common.h update, consistent naming
Andy Polyakov [Tue, 17 Oct 2006 16:13:18 +0000 (16:13 +0000)]
Further synchronizations with md32_common.h update, consistent naming
for low-level SHA block routines.

18 years ago bn/asm/ppc.pl to use ppc-xlate.pl.
Andy Polyakov [Tue, 17 Oct 2006 14:37:07 +0000 (14:37 +0000)]
bn/asm/ppc.pl to use ppc-xlate.pl.

18 years ago Further synchronizations with md32_common.h update.
Andy Polyakov [Tue, 17 Oct 2006 13:38:10 +0000 (13:38 +0000)]
Further synchronizations with md32_common.h update.

18 years ago VIA-specific Montgomery multiplication routine.
Andy Polyakov [Tue, 17 Oct 2006 07:04:48 +0000 (07:04 +0000)]
VIA-specific Montgomery multiplication routine.

18 years ago Synchronize SHA1 assembler with md32_common.h update.
Andy Polyakov [Tue, 17 Oct 2006 07:00:23 +0000 (07:00 +0000)]
Synchronize SHA1 assembler with md32_common.h update.

18 years ago Support for .asciz directive in perlasm modules.
Andy Polyakov [Tue, 17 Oct 2006 06:43:11 +0000 (06:43 +0000)]
Support for .asciz directive in perlasm modules.

18 years ago Linking errors on IA64 and typo in aes-ia64.S.
Andy Polyakov [Tue, 17 Oct 2006 06:41:27 +0000 (06:41 +0000)]
Linking errors on IA64 and typo in aes-ia64.S.

18 years ago Re-implement md32_common.h [make it simpler!] and eliminate code rendered
Andy Polyakov [Wed, 11 Oct 2006 11:55:11 +0000 (11:55 +0000)]
Re-implement md32_common.h [make it simpler!] and eliminate code rendered
redundant as a result.

18 years ago Typo.
Dr. Stephen Henson [Thu, 5 Oct 2006 21:59:50 +0000 (21:59 +0000)]
Typo.

18 years ago return an error if the supplied precomputed values lead to an invalid signature
Nils Larsch [Wed, 4 Oct 2006 19:37:17 +0000 (19:37 +0000)]
return an error if the supplied precomputed values lead to an invalid signature

18 years ago ASN1_item_verify needs to initialize ctx before any "goto err" can
Bodo Möller [Wed, 4 Oct 2006 06:14:36 +0000 (06:14 +0000)]
ASN1_item_verify needs to initialize ctx before any "goto err" can
happen; the new code for the OID cross reference table failed to do so.

18 years ago Place standard CRL behaviour in default X509_CRL_METHOD new functions to
Dr. Stephen Henson [Tue, 3 Oct 2006 02:47:59 +0000 (02:47 +0000)]
Place standard CRL behaviour in default X509_CRL_METHOD new functions to
create, free and set default CRL method.

18 years ago Initialise ctx to NULL to avoid uninitialized free, noticed by
Mark J. Cox [Fri, 29 Sep 2006 08:21:41 +0000 (08:21 +0000)]
Initialise ctx to NULL to avoid uninitialized free, noticed by
Steve Kiernan

18 years ago All 0.9.8d patches have been applied to HEAD now, so we no longer need
Bodo Möller [Thu, 28 Sep 2006 13:50:41 +0000 (13:50 +0000)]
All 0.9.8d patches have been applied to HEAD now, so we no longer need
the redundant entries under the 0.9.9 heading.

18 years ago Introduce limits to prevent malicious keys being able to
Bodo Möller [Thu, 28 Sep 2006 13:45:34 +0000 (13:45 +0000)]
Introduce limits to prevent malicious keys being able to
cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]

18 years ago include 0.9.8d and 0.9.7l information
Bodo Möller [Thu, 28 Sep 2006 13:35:01 +0000 (13:35 +0000)]
include 0.9.8d and 0.9.7l information

18 years ago Fix ASN.1 parsing of certain invalid structures that can result
Mark J. Cox [Thu, 28 Sep 2006 13:20:44 +0000 (13:20 +0000)]
Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service.  (CVE-2006-2937)  [Steve Henson]

18 years ago Fix buffer overflow in SSL_get_shared_ciphers() function.
Mark J. Cox [Thu, 28 Sep 2006 13:18:43 +0000 (13:18 +0000)]
Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]

18 years ago Fixes for the following claims:
Richard Levitte [Thu, 28 Sep 2006 12:22:58 +0000 (12:22 +0000)]
Fixes for the following claims:

  1) Certificate Message with no certs

  OpenSSL implementation sends the Certificate message during SSL
  handshake, however as per the specification, these have been omitted.

  -- RFC 2712 --
     CertificateRequest, and the ServerKeyExchange shown in Figure 1
     will be omitted since authentication and the establishment of a
     master secret will be done using the client's Kerberos credentials
     for the TLS server.  The client's certificate will be omitted for
     the same reason.
  -- RFC 2712 --

  3) Pre-master secret Protocol version

  The pre-master secret generated by OpenSSL does not have the correct
  client version.

  RFC 2712 says, if the Kerberos option is selected, the pre-master
  secret structure is the same as that used in the RSA case.

  TLS specification defines pre-master secret as:
         struct {
             ProtocolVersion client_version;
             opaque random[46];
         } PreMasterSecret;

  where client_version is the latest protocol version supported by the
  client

  The pre-master secret generated by OpenSSL does not have the correct
  client version. The implementation does not update the first 2 bytes
  of random secret for Kerberos Cipher suites. At the server-end, the
  client version from the pre-master secret is not validated.

PR: 1336

18 years ago Initialize new callbacks and make sure hent is always initialized.
Dr. Stephen Henson [Tue, 26 Sep 2006 13:25:19 +0000 (13:25 +0000)]
Initialize new callbacks and make sure hent is always initialized.

18 years ago Complete the change for VMS.
Richard Levitte [Mon, 25 Sep 2006 08:35:35 +0000 (08:35 +0000)]
Complete the change for VMS.

18 years ago Submitted by: Brad Spencer <spencer@jacknife.org>
Dr. Stephen Henson [Sat, 23 Sep 2006 17:29:49 +0000 (17:29 +0000)]
Submitted by: Brad Spencer <spencer@jacknife.org>
Reviewed by: steve

18 years ago Buffer size handling fix for enc.
Dr. Stephen Henson [Fri, 22 Sep 2006 17:14:22 +0000 (17:14 +0000)]
Buffer size handling fix for enc.

PR: 1374

18 years ago Using correct lock for X509_REQ.
Dr. Stephen Henson [Fri, 22 Sep 2006 17:06:09 +0000 (17:06 +0000)]
Using correct lock for X509_REQ.

PR: 1348

18 years ago Update length if copying MSB set in asn1_string_canon().
Dr. Stephen Henson [Fri, 22 Sep 2006 13:37:15 +0000 (13:37 +0000)]
Update length if copying MSB set in asn1_string_canon().

18 years ago Updated file.
Dr. Stephen Henson [Thu, 21 Sep 2006 16:19:10 +0000 (16:19 +0000)]
Updated file.

18 years ago Add missing prototype. Fix various warnings (C++ comments, ; outside function).
Dr. Stephen Henson [Thu, 21 Sep 2006 13:24:46 +0000 (13:24 +0000)]
Add missing prototype. Fix various warnings (C++ comments, ; outside function).

18 years ago Make int_rsa_sign function match prototype.
Dr. Stephen Henson [Thu, 21 Sep 2006 13:11:24 +0000 (13:11 +0000)]
Make int_rsa_sign function match prototype.

PR: 1383

18 years ago Compile in gost engine.
Dr. Stephen Henson [Thu, 21 Sep 2006 13:07:57 +0000 (13:07 +0000)]
Compile in gost engine.

18 years ago Updated version of gost engine.
Dr. Stephen Henson [Thu, 21 Sep 2006 13:04:43 +0000 (13:04 +0000)]
Updated version of gost engine.

18 years ago Do CRL method init after other operations.
Dr. Stephen Henson [Thu, 21 Sep 2006 12:48:56 +0000 (12:48 +0000)]
Do CRL method init after other operations.

18 years ago Tidy up CRL handling by checking for critical extensions when it is
Dr. Stephen Henson [Thu, 21 Sep 2006 12:42:15 +0000 (12:42 +0000)]
Tidy up CRL handling by checking for critical extensions when it is
loaded. Add new function X509_CRL_get0_by_serial() to lookup a revoked
entry to avoid the need to access the structure directly.

Add new X509_CRL_METHOD to allow common CRL operations (verify, lookup) to be
redirected.

18 years ago Build error on non-unix.
Andy Polyakov [Mon, 18 Sep 2006 19:50:54 +0000 (19:50 +0000)]
Build error on non-unix.
PR: 1390

18 years ago Race condition in ms/uplink.c.
Andy Polyakov [Mon, 18 Sep 2006 19:41:37 +0000 (19:41 +0000)]
Race condition in ms/uplink.c.
PR: 1382

18 years ago As x86ms.pl is out, remove do_masm.bat and the mention of it in INSTALL.W32.
Andy Polyakov [Mon, 18 Sep 2006 19:20:43 +0000 (19:20 +0000)]
As x86ms.pl is out, remove do_masm.bat and the mention of it in INSTALL.W32.

18 years ago Remove x86ms.pl and reimplement x86*.pl.
Andy Polyakov [Mon, 18 Sep 2006 19:17:09 +0000 (19:17 +0000)]
Remove x86ms.pl and reimplement x86*.pl.

18 years ago Improve 386 portability of aes-586.pl.
Andy Polyakov [Mon, 18 Sep 2006 19:13:15 +0000 (19:13 +0000)]
Improve 386 portability of aes-586.pl.

18 years ago Ensure that the addition mods[i]+delta cannot overflow in probable_prime().
Bodo Möller [Mon, 18 Sep 2006 14:00:49 +0000 (14:00 +0000)]
Ensure that the addition mods[i]+delta cannot overflow in probable_prime().

[Problem pointed out by Adam Young <adamy (at) acm.org>]

18 years ago Overhaul of by_dir code to handle dynamic loading of CRLs.
Dr. Stephen Henson [Sun, 17 Sep 2006 17:16:28 +0000 (17:16 +0000)]
Overhaul of by_dir code to handle dynamic loading of CRLs.

18 years ago GOST public key algorithm ENGINE donated to OpenSSL by Cryptocom.
Dr. Stephen Henson [Sun, 17 Sep 2006 13:00:18 +0000 (13:00 +0000)]
GOST public key algorithm ENGINE donated to OpenSSL by Cryptocom.

Very early version, doesn't do much yet, not even added to the build system.

18 years ago Support for AKID in CRLs and partial support for IDP. Overhaul of CRL
Dr. Stephen Henson [Thu, 14 Sep 2006 17:25:02 +0000 (17:25 +0000)]
Support for AKID in CRLs and partial support for IDP. Overhaul of CRL
handling to support this.

18 years ago Update docs.
Dr. Stephen Henson [Wed, 13 Sep 2006 03:28:42 +0000 (03:28 +0000)]
Update docs.

18 years ago Update
Bodo Möller [Tue, 12 Sep 2006 14:42:19 +0000 (14:42 +0000)]
Update

18 years ago Fixes for new CRL/cert callbacks. Update CRL processing code to use new
Dr. Stephen Henson [Mon, 11 Sep 2006 13:00:52 +0000 (13:00 +0000)]
Fixes for new CRL/cert callbacks. Update CRL processing code to use new
callbacks.

18 years ago ensure that ciphersuite strings such as "RC4-MD5" match the SSL 2.0
Bodo Möller [Mon, 11 Sep 2006 09:49:03 +0000 (09:49 +0000)]
ensure that ciphersuite strings such as "RC4-MD5" match the SSL 2.0
ciphersuite as well

18 years ago Add verify callback functions to lookup a STACK of matching certs or CRLs
Dr. Stephen Henson [Sun, 10 Sep 2006 12:38:37 +0000 (12:38 +0000)]
Add verify callback functions to lookup a STACK of matching certs or CRLs
based on subject name.

New thread safe functions to retrieve matching STACK from X509_STORE.

Cache some IDP components.

18 years ago Make sure the int_rsa_verify() prototype matches the implementation
Bodo Möller [Fri, 8 Sep 2006 06:00:40 +0000 (06:00 +0000)]
Make sure the int_rsa_verify() prototype matches the implementation
(m_len currently is 'unsigned int', not 'size_t')

Submitted by: Gisle Vanem

18 years ago Additional detail.
Dr. Stephen Henson [Wed, 6 Sep 2006 11:59:04 +0000 (11:59 +0000)]
Additional detail.

18 years ago update information on "current version" ...
Bodo Möller [Wed, 6 Sep 2006 11:54:19 +0000 (11:54 +0000)]
update information on "current version" ...

18 years ago Add an FAQ.
Dr. Stephen Henson [Wed, 6 Sep 2006 11:53:50 +0000 (11:53 +0000)]
Add an FAQ.

18 years ago Remove non-functional part of recent patch, after discussion with
Bodo Möller [Wed, 6 Sep 2006 06:43:11 +0000 (06:43 +0000)]
Remove non-functional part of recent patch, after discussion with
Colin Percival (this would have caused more problems than solved,
and isn't really necessary anyway)

18 years ago Make consistent with 0.9.8-branch version of this file
Bodo Möller [Wed, 6 Sep 2006 06:42:11 +0000 (06:42 +0000)]
Make consistent with 0.9.8-branch version of this file

18 years ago Every change so far that is in the 0.9.8 branch is (or should be) in HEAD
Bodo Möller [Wed, 6 Sep 2006 06:34:52 +0000 (06:34 +0000)]
Every change so far that is in the 0.9.8 branch is (or should be) in HEAD

18 years ago Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
Mark J. Cox [Tue, 5 Sep 2006 08:58:03 +0000 (08:58 +0000)]
Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
(CVE-2006-4339)

Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson

18 years ago Rewrite sha1-586.pl.
Andy Polyakov [Thu, 31 Aug 2006 21:27:30 +0000 (21:27 +0000)]
Rewrite sha1-586.pl.

18 years ago Fix bug in aes-586.pl.
Andy Polyakov [Thu, 31 Aug 2006 21:15:38 +0000 (21:15 +0000)]
Fix bug in aes-586.pl.

18 years ago Fix bug in x86unix.pl introduced in latest update.
Andy Polyakov [Thu, 31 Aug 2006 21:12:17 +0000 (21:12 +0000)]
Fix bug in x86unix.pl introduced in latest update.
PR: 1380

18 years ago Kill more C++ comments.
Dr. Stephen Henson [Thu, 31 Aug 2006 21:01:15 +0000 (21:01 +0000)]
Kill more C++ comments.

18 years ago Fix C++ style comments, change assert to OPENSSL_assert, stop warning with
Dr. Stephen Henson [Thu, 31 Aug 2006 20:56:20 +0000 (20:56 +0000)]
Fix C++ style comments, change assert to OPENSSL_assert, stop warning with
pedantic mode.

18 years ago Fix leak
Dr. Stephen Henson [Thu, 31 Aug 2006 20:10:37 +0000 (20:10 +0000)]
Fix leak

18 years ago Forward port of IGE mode.
Ben Laurie [Thu, 31 Aug 2006 14:04:04 +0000 (14:04 +0000)]
Forward port of IGE mode.

18 years ago Make things static that should be. Declare stuff in headers that should be.
Ben Laurie [Mon, 28 Aug 2006 17:01:04 +0000 (17:01 +0000)]
Make things static that should be. Declare stuff in headers that should be.
Fix warnings.

18 years ago According to documentation, including time.h declares select() on
Richard Levitte [Sun, 20 Aug 2006 05:54:35 +0000 (05:54 +0000)]
According to documentation, including time.h declares select() on
OpenVMS, and possibly more.

Ref: http://h71000.www7.hp.com/doc/82final/6529/6529pro_019.html#r_select

18 years ago Correct warnings about signedness.
Richard Levitte [Sun, 20 Aug 2006 05:18:12 +0000 (05:18 +0000)]
Correct warnings about signedness.

18 years ago Use gmtime on cygwin
Ulf Möller [Sun, 13 Aug 2006 09:03:38 +0000 (09:03 +0000)]
Use gmtime on cygwin
Submitted by: Corinna Vinschen

18 years ago +20% tune-up for Power5.
Andy Polyakov [Wed, 9 Aug 2006 15:40:30 +0000 (15:40 +0000)]
+20% tune-up for Power5.

18 years ago Revised AES_cbc_encrypt in x86 assembler module.
Andy Polyakov [Mon, 7 Aug 2006 09:05:52 +0000 (09:05 +0000)]
Revised AES_cbc_encrypt in x86 assembler module.

18 years ago Correct punctuation.
Ulf Möller [Sat, 5 Aug 2006 20:45:06 +0000 (20:45 +0000)]
Correct punctuation.
PR: 1367

18 years ago Aggressively prefetch S-box in SSE codepath, relax alignment requirement,
Andy Polyakov [Wed, 2 Aug 2006 22:38:16 +0000 (22:38 +0000)]
Aggressively prefetch S-box in SSE codepath, relax alignment requirement,
check for SSE bit instead of MMX, as pshufw was introduced in PIII, minor
optimization, typos...

18 years ago Switch to compact S-box when generating AES key schedule.
Andy Polyakov [Wed, 2 Aug 2006 07:46:56 +0000 (07:46 +0000)]
Switch to compact S-box when generating AES key schedule.

18 years ago Switch to compact S-box when generating AES key schedule.
Andy Polyakov [Tue, 1 Aug 2006 22:10:39 +0000 (22:10 +0000)]
Switch to compact S-box when generating AES key schedule.

18 years ago Real Bourne shell doesn't interpret ==, but =.
Andy Polyakov [Tue, 1 Aug 2006 16:12:10 +0000 (16:12 +0000)]
Real Bourne shell doesn't interpret ==, but =.

18 years ago Engage assembler in solaris64-x86_64-cc.
Andy Polyakov [Mon, 31 Jul 2006 22:28:40 +0000 (22:28 +0000)]
Engage assembler in solaris64-x86_64-cc.

18 years ago perlasm/x86unix.pl update.
Andy Polyakov [Mon, 31 Jul 2006 22:26:40 +0000 (22:26 +0000)]
perlasm/x86unix.pl update.

18 years ago Next generation aes-586.pl featuring AES_[en|de]crypt, accessing exclusively
Andy Polyakov [Mon, 31 Jul 2006 20:03:56 +0000 (20:03 +0000)]
Next generation aes-586.pl featuring AES_[en|de]crypt, accessing exclusively
256-byte S-box. AES_cbc_encrypt needs further work as it should also use
slow routines when processing smaller amounts of data.

18 years ago Camellia IPR information
Bodo Möller [Mon, 31 Jul 2006 11:50:01 +0000 (11:50 +0000)]
Camellia IPR information

18 years ago Support for multiple CRLs with same issuer name in X509_STORE. Modify
Dr. Stephen Henson [Tue, 25 Jul 2006 17:39:38 +0000 (17:39 +0000)]
Support for multiple CRLs with same issuer name in X509_STORE. Modify
verify logic to try to use an unexpired CRL if possible.

18 years ago Cache some CRL related extensions.
Dr. Stephen Henson [Mon, 24 Jul 2006 12:39:22 +0000 (12:39 +0000)]
Cache some CRL related extensions.

18 years ago Avoid warning.
Dr. Stephen Henson [Fri, 21 Jul 2006 22:46:19 +0000 (22:46 +0000)]
Avoid warning.

18 years ago Avoid WIN32 warning.
Dr. Stephen Henson [Fri, 21 Jul 2006 22:28:48 +0000 (22:28 +0000)]
Avoid WIN32 warning.

18 years ago Avoid warnings.
Dr. Stephen Henson [Fri, 21 Jul 2006 22:26:31 +0000 (22:26 +0000)]
Avoid warnings.

18 years ago Use correct pointer types for various functions.
Dr. Stephen Henson [Thu, 20 Jul 2006 16:56:47 +0000 (16:56 +0000)]
Use correct pointer types for various functions.

18 years ago New Camellia implementation (replacing previous version)
Bodo Möller [Wed, 19 Jul 2006 13:38:26 +0000 (13:38 +0000)]
New Camellia implementation (replacing previous version)

Submitted by: NTT

18 years ago Camellia information
Bodo Möller [Wed, 19 Jul 2006 13:36:40 +0000 (13:36 +0000)]
Camellia information

18 years ago Store canonical encodings of Name structures. Update X509_NAME_cmp() to use
Dr. Stephen Henson [Tue, 18 Jul 2006 12:36:19 +0000 (12:36 +0000)]
Store canonical encodings of Name structures. Update X509_NAME_cmp() to use
them.

18 years ago Reimplement outer rounds as "compact" in x86 assembler. This has a rather
Andy Polyakov [Tue, 18 Jul 2006 10:05:38 +0000 (10:05 +0000)]
Reimplement outer rounds as "compact" in x86 assembler. This has a rather
strong impact on decrypt performance, 20-25%. One probably should consider
switching between slower and faster routines depending on how much data
we were asked to process.

18 years ago WIN32 fixes signed/unsigned issues and slightly socket semantics.
Dr. Stephen Henson [Mon, 17 Jul 2006 18:52:51 +0000 (18:52 +0000)]
WIN32 fixes signed/unsigned issues and slightly socket semantics.

18 years ago Update .cvsignore again.
Dr. Stephen Henson [Mon, 17 Jul 2006 16:42:06 +0000 (16:42 +0000)]
Update .cvsignore again.

18 years ago Update .cvsignore
Dr. Stephen Henson [Mon, 17 Jul 2006 16:40:20 +0000 (16:40 +0000)]
Update .cvsignore

18 years ago Fix various error codes to match functions.
Dr. Stephen Henson [Mon, 17 Jul 2006 16:33:31 +0000 (16:33 +0000)]
Fix various error codes to match functions.

18 years ago Add -timeout option to ocsp utility.
Dr. Stephen Henson [Mon, 17 Jul 2006 13:26:54 +0000 (13:26 +0000)]
Add -timeout option to ocsp utility.