Andy Polyakov [Sat, 14 Jan 2012 18:46:15 +0000 (18:46 +0000)]
cryptlib.c: make even non-Windows builds "strtoull-agnostic".
Andy Polyakov [Fri, 13 Jan 2012 09:18:05 +0000 (09:18 +0000)]
sha512-sparcv9.pl: work around V8+ warning.
Andy Polyakov [Fri, 13 Jan 2012 09:16:52 +0000 (09:16 +0000)]
aes-ppc.pl, sha512-ppc.pl: comply even with Embedded ABI specification
(most restrictive about r2 and r13 usage).
Andy Polyakov [Thu, 12 Jan 2012 16:21:35 +0000 (16:21 +0000)]
Sanitize usage of <ctype.h> functions. It's important that characters
are passed zero-extended, not sign-extended.
PR: 2682
Andy Polyakov [Thu, 12 Jan 2012 13:22:51 +0000 (13:22 +0000)]
ec_pmeth.c: fix typo in commentary.
PR: 2677
Submitted by: Annue Yousar
Andy Polyakov [Wed, 11 Jan 2012 21:58:19 +0000 (21:58 +0000)]
doc/apps: formatting fixes.
PR: 2683
Submitted by: Annie Yousar
Andy Polyakov [Wed, 11 Jan 2012 21:48:31 +0000 (21:48 +0000)]
speed.c: typo in pkey_print_message.
PR: 2681
Submitted by: Annie Yousar
Andy Polyakov [Wed, 11 Jan 2012 21:41:32 +0000 (21:41 +0000)]
ecdsa.pod: typo.
PR: 2678
Submitted by: Annie Yousar
Andy Polyakov [Wed, 11 Jan 2012 21:12:22 +0000 (21:12 +0000)]
asn1/t_x509.c: fix serial number print, harmonize with a_int.c.
PR: 2675
Submitted by: Annie Yousar
Andy Polyakov [Wed, 11 Jan 2012 15:30:53 +0000 (15:30 +0000)]
aes-sparcv9.pl: clean up regexp
PR: 2685
Dr. Stephen Henson [Tue, 10 Jan 2012 14:36:41 +0000 (14:36 +0000)]
fix warning (revert original patch)
Andy Polyakov [Fri, 6 Jan 2012 13:19:16 +0000 (13:19 +0000)]
cmac.c: optimize make_kn and move zero_iv to const segment.
Andy Polyakov [Fri, 6 Jan 2012 13:17:47 +0000 (13:17 +0000)]
bn_nist.c: harmonize buf in BN_nist_mod_256 with other mod functions.
Bodo Möller [Thu, 5 Jan 2012 13:48:55 +0000 (13:48 +0000)]
Update for 0.9.8s and 1.0.0f, and for 1.0.1 branch.
(While the 1.0.0f CHANGES entry on VOS PRNG seeding was missing
in HEAD, the actual code is here already.)
Bodo Möller [Thu, 5 Jan 2012 13:16:30 +0000 (13:16 +0000)]
Fix usage indentation
Bodo Möller [Thu, 5 Jan 2012 10:22:41 +0000 (10:22 +0000)]
Fix for builds without DTLS support.
Submitted by: Brian Carlstrom
Dr. Stephen Henson [Thu, 5 Jan 2012 00:28:43 +0000 (00:28 +0000)]
PR: 2671
Submitted by: steve
Update maximum message size for certifiate verify messages to support
4096 bit RSA keys again as TLS v1.2 messages is two bytes longer.
Dr. Stephen Henson [Thu, 5 Jan 2012 00:23:17 +0000 (00:23 +0000)]
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Send fatal alert if heartbeat extension has an illegal value.
Dr. Stephen Henson [Thu, 5 Jan 2012 00:07:46 +0000 (00:07 +0000)]
disable heartbeats if tlsext disabled
Dr. Stephen Henson [Wed, 4 Jan 2012 23:54:17 +0000 (23:54 +0000)]
update CHANGES
Dr. Stephen Henson [Wed, 4 Jan 2012 23:52:26 +0000 (23:52 +0000)]
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>, Michael Tuexen <tuexen@fh-muenster.de>
Reviewed by: steve
Fix for DTLS plaintext recovery attack discovered by Nadhem Alfardan and
Kenny Paterson.
Dr. Stephen Henson [Wed, 4 Jan 2012 23:16:15 +0000 (23:16 +0000)]
Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576)
Dr. Stephen Henson [Wed, 4 Jan 2012 23:15:51 +0000 (23:15 +0000)]
Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)
Dr. Stephen Henson [Wed, 4 Jan 2012 23:10:44 +0000 (23:10 +0000)]
fix CHANGES
Dr. Stephen Henson [Wed, 4 Jan 2012 23:03:40 +0000 (23:03 +0000)]
Check GOST parameters are not NULL (CVE-2012-0027)
Dr. Stephen Henson [Wed, 4 Jan 2012 23:01:54 +0000 (23:01 +0000)]
Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577)
Dr. Stephen Henson [Wed, 4 Jan 2012 20:05:58 +0000 (20:05 +0000)]
update FAQ
Dr. Stephen Henson [Wed, 4 Jan 2012 14:45:47 +0000 (14:45 +0000)]
fix warnings
Dr. Stephen Henson [Wed, 4 Jan 2012 14:25:42 +0000 (14:25 +0000)]
Submitted by: Adam Langley <agl@chromium.org>
Reviewed by: steve
Fix memory leaks.
Dr. Stephen Henson [Tue, 3 Jan 2012 22:06:21 +0000 (22:06 +0000)]
oops, revert wrong patch
Dr. Stephen Henson [Tue, 3 Jan 2012 22:03:20 +0000 (22:03 +0000)]
only send heartbeat extension from server if client sent one
Dr. Stephen Henson [Mon, 2 Jan 2012 18:25:37 +0000 (18:25 +0000)]
incomplete provisional OAEP CMS decrypt support
Dr. Stephen Henson [Sat, 31 Dec 2011 23:50:01 +0000 (23:50 +0000)]
recognise HEARTBEATS in mkdef.pl script
Dr. Stephen Henson [Sat, 31 Dec 2011 23:08:15 +0000 (23:08 +0000)]
update CHANGES
Dr. Stephen Henson [Sat, 31 Dec 2011 22:59:57 +0000 (22:59 +0000)]
PR: 2658
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Support for TLS/DTLS heartbeats.
Dr. Stephen Henson [Tue, 27 Dec 2011 14:46:03 +0000 (14:46 +0000)]
make update
Dr. Stephen Henson [Tue, 27 Dec 2011 14:45:32 +0000 (14:45 +0000)]
update default depflags
Dr. Stephen Henson [Tue, 27 Dec 2011 14:40:21 +0000 (14:40 +0000)]
fix error code
Dr. Stephen Henson [Tue, 27 Dec 2011 14:39:13 +0000 (14:39 +0000)]
fix deprecated statement
Dr. Stephen Henson [Tue, 27 Dec 2011 14:21:45 +0000 (14:21 +0000)]
PR: 1794
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve
- remove some unncessary SSL_err and permit
an srp user callback to allow a worker to obtain
a user verifier.
- cleanup and comments in s_server and demonstration
for asynchronous srp user lookup
Dr. Stephen Henson [Mon, 26 Dec 2011 19:37:58 +0000 (19:37 +0000)]
PR: 2326
Submitted by: Tianjie Mao <tjmao@tjmao.net>
Reviewed by: steve
Fix incorrect comma expressions and goto f_err as alert has been set.
Dr. Stephen Henson [Sun, 25 Dec 2011 14:59:52 +0000 (14:59 +0000)]
recognise no-sctp
Dr. Stephen Henson [Sun, 25 Dec 2011 14:46:15 +0000 (14:46 +0000)]
recognise SCTP in mkdef.pl script
Dr. Stephen Henson [Sun, 25 Dec 2011 14:45:15 +0000 (14:45 +0000)]
PR: 2535
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Add SCTP support for DTLS (RFC 6083).
Dr. Stephen Henson [Fri, 23 Dec 2011 15:03:03 +0000 (15:03 +0000)]
typo
Dr. Stephen Henson [Fri, 23 Dec 2011 14:58:30 +0000 (14:58 +0000)]
recognise DECLARE_PEM_write_const, update ordinals
Dr. Stephen Henson [Fri, 23 Dec 2011 14:09:30 +0000 (14:09 +0000)]
delete unimplemented function from header file, update ordinals
Dr. Stephen Henson [Thu, 22 Dec 2011 16:11:47 +0000 (16:11 +0000)]
sync and update ordinals
Dr. Stephen Henson [Thu, 22 Dec 2011 16:05:02 +0000 (16:05 +0000)]
remove prototype for deleted SRP function
Dr. Stephen Henson [Thu, 22 Dec 2011 15:14:32 +0000 (15:14 +0000)]
New ctrl values to clear or retrieve extra chain certs from an SSL_CTX.
New function to retrieve compression method from SSL_SESSION structure.
Delete SSL_SESSION_get_id_len and SSL_SESSION_get0_id functions
as they duplicate functionality of SSL_SESSION_get_id. Note: these functions
have never appeared in any release version of OpenSSL.
Dr. Stephen Henson [Mon, 19 Dec 2011 17:01:37 +0000 (17:01 +0000)]
PR: 2563
Submitted by: Paul Green <Paul.Green@stratus.com>
Reviewed by: steve
Improved PRNG seeding for VOS.
Andy Polyakov [Mon, 19 Dec 2011 14:48:49 +0000 (14:48 +0000)]
update CHANGES.
Dr. Stephen Henson [Mon, 19 Dec 2011 14:41:03 +0000 (14:41 +0000)]
update CHANGES
Andy Polyakov [Mon, 19 Dec 2011 14:33:09 +0000 (14:33 +0000)]
apps/speed.c: fix typo in last commit.
Andy Polyakov [Thu, 15 Dec 2011 22:30:03 +0000 (22:30 +0000)]
apps/speed.c: Cygwin alarm() fails sometimes.
PR: 2655
Andy Polyakov [Thu, 15 Dec 2011 22:20:05 +0000 (22:20 +0000)]
vpaes-x86.pl: revert previous commit and solve the problem through x86masm.pl.
PR: 2657
Dr. Stephen Henson [Wed, 14 Dec 2011 22:17:06 +0000 (22:17 +0000)]
PR: 1794
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve
Remove unnecessary code for srp and to add some comments to
s_client.
- the callback to provide a user during client connect is
no longer necessary since rfc 5054 a connection attempt
with an srp cipher and no user is terminated when the
cipher is acceptable
- comments to indicate in s_client the (non-)usefulness of
th primalaty tests for non known group parameters.
Dr. Stephen Henson [Wed, 14 Dec 2011 22:14:47 +0000 (22:14 +0000)]
Add private keys and generation scripts for test certificates in apps
directory.
Andy Polyakov [Wed, 14 Dec 2011 21:29:32 +0000 (21:29 +0000)]
vpaes-x86.pl: portability fix.
PR: 2657
Ben Laurie [Tue, 13 Dec 2011 15:57:39 +0000 (15:57 +0000)]
Remove redundant TLS exporter.
Ben Laurie [Tue, 13 Dec 2011 15:56:40 +0000 (15:56 +0000)]
Padlock engine doesn't build (the asm parts are not built for some reason),
so remove for now.
Ben Laurie [Tue, 13 Dec 2011 15:55:35 +0000 (15:55 +0000)]
Fix warning.
Ben Laurie [Tue, 13 Dec 2011 15:00:43 +0000 (15:00 +0000)]
Back out redundant verification time change.
Ben Laurie [Tue, 13 Dec 2011 14:38:12 +0000 (14:38 +0000)]
Make it possible to set a time for verification.
Andy Polyakov [Mon, 12 Dec 2011 15:10:14 +0000 (15:10 +0000)]
modexp512-x86_64.pl: Solaris protability fix.
PR: 2656
Dr. Stephen Henson [Sun, 11 Dec 2011 16:39:25 +0000 (16:39 +0000)]
detect and use older PKITS data
Dr. Stephen Henson [Sat, 10 Dec 2011 13:38:34 +0000 (13:38 +0000)]
Updates from fips2 branch: close streams in test utilities, use cofactor ECDH
add new key and signature generation tests to fips_test_suite.
Dr. Stephen Henson [Sat, 10 Dec 2011 13:35:11 +0000 (13:35 +0000)]
add cofactor ECDH support from fips branch
Dr. Stephen Henson [Sat, 10 Dec 2011 13:29:38 +0000 (13:29 +0000)]
use different names for asm temp files to avoid problems on some platforms
Dr. Stephen Henson [Sat, 10 Dec 2011 00:49:55 +0000 (00:49 +0000)]
add commented out option to allow use of older PKITS data
Dr. Stephen Henson [Sat, 10 Dec 2011 00:49:05 +0000 (00:49 +0000)]
update CHANGES
Dr. Stephen Henson [Sat, 10 Dec 2011 00:37:22 +0000 (00:37 +0000)]
implement -attime option as a verify parameter then it works with all relevant applications
Andy Polyakov [Fri, 9 Dec 2011 19:16:20 +0000 (19:16 +0000)]
perlasm/x86gas.pl: give a hand old assemblers assembling loop instruction.
Andy Polyakov [Fri, 9 Dec 2011 14:21:25 +0000 (14:21 +0000)]
x86-mont.pl: fix bug in integer-only squaring path.
PR: 2648
Dr. Stephen Henson [Thu, 8 Dec 2011 14:44:05 +0000 (14:44 +0000)]
Replace expired test server and client certificates with new ones.
Dr. Stephen Henson [Wed, 7 Dec 2011 12:44:03 +0000 (12:44 +0000)]
transparently handle X9.42 DH parameters
Dr. Stephen Henson [Wed, 7 Dec 2011 12:28:40 +0000 (12:28 +0000)]
fix error discrepancy
Dr. Stephen Henson [Wed, 7 Dec 2011 00:42:22 +0000 (00:42 +0000)]
Document RFC5114 "generation" options.
Dr. Stephen Henson [Wed, 7 Dec 2011 00:32:34 +0000 (00:32 +0000)]
Initial experimental support for X9.42 DH parameter format to handle
RFC5114 parameters and X9.42 DH public and private keys.
Dr. Stephen Henson [Tue, 6 Dec 2011 00:00:30 +0000 (00:00 +0000)]
The default CN prompt message can be confusing when often the CN needs to
be the server FQDN: change it.
[Reported by PSW Group]
Bodo Möller [Fri, 2 Dec 2011 12:52:00 +0000 (12:52 +0000)]
Resolve a stack set-up race condition (if the list of compression
methods isn't presorted, it will be sorted on first read).
Submitted by: Adam Langley
Bodo Möller [Fri, 2 Dec 2011 12:41:17 +0000 (12:41 +0000)]
Fix ecdsatest.c.
Submitted by: Emilia Kasper
Bodo Möller [Fri, 2 Dec 2011 12:28:20 +0000 (12:28 +0000)]
Update HEAD CHANGES file.
Bodo Möller [Fri, 2 Dec 2011 12:25:03 +0000 (12:25 +0000)]
Fix BIO_f_buffer().
Submitted by: Adam Langley
Reviewed by: Bodo Moeller
Dr. Stephen Henson [Thu, 1 Dec 2011 17:27:36 +0000 (17:27 +0000)]
Update DH_check() to peform sensible checks when q parameter is present.
Dr. Stephen Henson [Thu, 1 Dec 2011 17:26:58 +0000 (17:26 +0000)]
Correct some parameter values.
Andy Polyakov [Thu, 1 Dec 2011 12:16:09 +0000 (12:16 +0000)]
bn/asm/mips.pl: fix typos.
Dr. Stephen Henson [Fri, 25 Nov 2011 16:03:42 +0000 (16:03 +0000)]
return error if counter exceeds limit and seed value supplied
Dr. Stephen Henson [Fri, 25 Nov 2011 15:01:23 +0000 (15:01 +0000)]
check counter value against 4 * L, not 4096
Dr. Stephen Henson [Fri, 25 Nov 2011 00:17:44 +0000 (00:17 +0000)]
PR: 1794
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve
Make SRP conformant to rfc 5054.
Changes are:
- removal of the addition state after client hello
- removal of all pre-rfc srp alert ids
- sending a fatal alert when there is no srp extension but when the
server wants SRP
- removal of unnecessary code in the client.
Bodo Möller [Thu, 24 Nov 2011 21:07:01 +0000 (21:07 +0000)]
Fix NPN implementation for renegotiation.
(Problem pointed out by Ben Murphy.)
Submitted by: Adam Langley
Dr. Stephen Henson [Tue, 22 Nov 2011 14:46:09 +0000 (14:46 +0000)]
sync and update ordinals
Dr. Stephen Henson [Tue, 22 Nov 2011 14:44:58 +0000 (14:44 +0000)]
add cryptlib.h to mkdef.pl
Dr. Stephen Henson [Mon, 21 Nov 2011 22:57:41 +0000 (22:57 +0000)]
sync and update ordinals
Dr. Stephen Henson [Mon, 21 Nov 2011 22:55:23 +0000 (22:55 +0000)]
add strp.h to mkdef.pl headers
Dr. Stephen Henson [Mon, 21 Nov 2011 22:52:13 +0000 (22:52 +0000)]
move internal functions to ssl_locl.h
Dr. Stephen Henson [Mon, 21 Nov 2011 22:28:29 +0000 (22:28 +0000)]
bcmp doesn't exist on all platforms, replace with memcmp
Andy Polyakov [Wed, 16 Nov 2011 23:34:01 +0000 (23:34 +0000)]
bsaes-x86_64.pl: fix buffer overrun in tail processing.
Dr. Stephen Henson [Wed, 16 Nov 2011 13:28:35 +0000 (13:28 +0000)]
In EC_KEY_set_public_key_affine_coordinates include explicit check to see passed components do not exceed field order
Ben Laurie [Tue, 15 Nov 2011 23:50:52 +0000 (23:50 +0000)]
Add TLS exporter.