oweals/openssl.git
19 years agoRemove unused assembler modules.
Andy Polyakov [Sun, 6 Feb 2005 13:43:02 +0000 (13:43 +0000)]
Remove unused assembler modules.

19 years agoThis patch was "ignited" by OpenBSD 3>=4 support. They've switched to ELF
Andy Polyakov [Sun, 6 Feb 2005 13:23:34 +0000 (13:23 +0000)]
This patch was "ignited" by OpenBSD 3>=4 support. They've switched to ELF
and GNU binutils, but kept BSD make... And I took the opportunity to
unify other targets to this common least denominator...

19 years agoReliable BSD-x86-elf detection in ./config.
Andy Polyakov [Sun, 6 Feb 2005 13:20:23 +0000 (13:20 +0000)]
Reliable BSD-x86-elf detection in ./config.

19 years agoMake Makefile.shared BSD make-friendly, remove more redundant -lc, set up
Andy Polyakov [Sun, 6 Feb 2005 13:18:40 +0000 (13:18 +0000)]
Make Makefile.shared BSD make-friendly, remove more redundant -lc, set up
OBJECT_MODE for AIX.

19 years agoMake util/shlib_wrap.sh [Open]BSD-friendly.
Andy Polyakov [Sun, 6 Feb 2005 13:15:21 +0000 (13:15 +0000)]
Make util/shlib_wrap.sh [Open]BSD-friendly.

19 years agoMention no-sse2 option in INSTALL note.
Andy Polyakov [Sun, 6 Feb 2005 13:10:23 +0000 (13:10 +0000)]
Mention no-sse2 option in INSTALL note.

19 years agoIn mkdef.pl ignore trailing whitespace in #ifdef lines
Dr. Stephen Henson [Sat, 5 Feb 2005 17:22:14 +0000 (17:22 +0000)]
In mkdef.pl ignore trailing whitespace in #ifdef lines

19 years agoDrop redundant -lc from a number of rules in Makefile.shared. It's
Andy Polyakov [Thu, 3 Feb 2005 22:40:40 +0000 (22:40 +0000)]
Drop redundant -lc from a number of rules in Makefile.shared. It's
perfectly safe [compiler driver adds it] and in some situation even
perfectly appropriate [mixing -pthread and -lc on FreeBSD can have
lethal effect on apps/openssl]. I'd say we should get rid of more,
but I remove those I can test myself...

19 years agoShut whiny make's up.
Andy Polyakov [Thu, 3 Feb 2005 10:19:59 +0000 (10:19 +0000)]
Shut whiny make's up.

19 years agoAddress run-time linker problems: LD_PRELOAD issue on multi-ABI platforms
Andy Polyakov [Tue, 1 Feb 2005 23:48:37 +0000 (23:48 +0000)]
Address run-time linker problems: LD_PRELOAD issue on multi-ABI platforms
and SafeDllSearchMode in Windows.

Submitted by: Richard Levitte

19 years agoThe first argument to load_iv should really be a char ** instead of an
Richard Levitte [Thu, 27 Jan 2005 11:42:28 +0000 (11:42 +0000)]
The first argument to load_iv should really be a char ** instead of an
unsigned char **, since it points at text.

Thanks to Nils Larsch <nils.larsch@cybertrust.com> for pointing out
the inelegance of our code :-)

19 years agoOops, == should really be = when used with test ([ and ]).
Richard Levitte [Thu, 27 Jan 2005 10:59:36 +0000 (10:59 +0000)]
Oops, == should really be = when used with test ([ and ]).

I guess I use bash too much...

Thanks to Peter Sylvester <Peter.Sylvester@edelweb.fr> for pointing it
out to me.

19 years agoCheck for errors from EVP_VerifyInit_ex(), or EVP_VerifyUpdate might
Richard Levitte [Thu, 27 Jan 2005 01:49:25 +0000 (01:49 +0000)]
Check for errors from EVP_VerifyInit_ex(), or EVP_VerifyUpdate might
cause a segfault...  This was uncovered because EVP_VerifyInit() may fail
in FIPS mode if the wrong algorithm is chosen...

19 years agoGet rid if the annoying warning
Richard Levitte [Thu, 27 Jan 2005 01:47:31 +0000 (01:47 +0000)]
Get rid if the annoying warning

19 years agoThe mix of CFLAGS and LDFLAGS is a bit confusing in my opinion, and
Richard Levitte [Wed, 26 Jan 2005 23:51:20 +0000 (23:51 +0000)]
The mix of CFLAGS and LDFLAGS is a bit confusing in my opinion, and
Makefile.shared was a bit overcomplicated.

Make the shell variables LDFLAGS and SHAREDFLAGS in Makefile.shared
get the values of $(CFLAGS) or $(LDFLAGS) as appropriate depending on
the value the shell variables LDCMD and SHAREDCMD get.  That leaves
much less chance of confusion, since those pairs of shell variables
always are defined together.

19 years agoRespect the fact that most interactive shells don't restore stty settings
Andy Polyakov [Wed, 26 Jan 2005 19:58:15 +0000 (19:58 +0000)]
Respect the fact that most interactive shells don't restore stty settings
and make it work in non-interactive mode...

19 years agoPlease BSD make...
Andy Polyakov [Tue, 25 Jan 2005 22:09:11 +0000 (22:09 +0000)]
Please BSD make...

19 years agoFreeBSD 5 refuses to #include <malloc.h>. Fix compiler warning after
Andy Polyakov [Tue, 25 Jan 2005 22:07:22 +0000 (22:07 +0000)]
FreeBSD 5 refuses to #include <malloc.h>. Fix compiler warning after
http://cvs.openssl.org/chngview?cn=12843.

19 years ago./Configure to respect $thread_cflag variable.
Andy Polyakov [Mon, 24 Jan 2005 15:58:25 +0000 (15:58 +0000)]
./Configure to respect $thread_cflag variable.

19 years agoFold a bunch of linux and *BSD targets into [linux|BSD]-generic[32|64].
Andy Polyakov [Mon, 24 Jan 2005 14:38:14 +0000 (14:38 +0000)]
Fold a bunch of linux and *BSD targets into [linux|BSD]-generic[32|64].
Idea is to provide unified "fall-down" case for all rare platforms out
there. ./config is free to enable some optimizations, such as endianness
specification, specific -mcpu flags...

19 years agoDefault to AES u32 being unsinged int and not long. This improves cache
Andy Polyakov [Mon, 24 Jan 2005 14:22:05 +0000 (14:22 +0000)]
Default to AES u32 being unsinged int and not long. This improves cache
locality on 64-bit platforms (and fixes IA64 assembler-empowered build:-).
The choice is guarded by newly introduced AES_LONG macro, which needs
to be defined only on 16-bit platforms which we don't support (not that
I know of). Meaning that one could as well skip long option altogether.

19 years agoImprove ECB performance (48+14*rounds -> 18+13*rounds) and reserve for
Andy Polyakov [Mon, 24 Jan 2005 14:14:53 +0000 (14:14 +0000)]
Improve ECB performance (48+14*rounds -> 18+13*rounds) and reserve for
hand-coded zero-copy AES_cbc_encrypt.

19 years agolinux-arm target update.
Andy Polyakov [Fri, 21 Jan 2005 10:32:57 +0000 (10:32 +0000)]
linux-arm target update.
PR: 991

19 years agolinux-parisc update.
Andy Polyakov [Thu, 20 Jan 2005 17:00:14 +0000 (17:00 +0000)]
linux-parisc update.
PR: 990
Submitted by: Mike Frysinger <vapier@gentoo.org>

19 years agoBug-fix in CBC encrypt tail processing and commentary section update.
Andy Polyakov [Thu, 20 Jan 2005 10:33:37 +0000 (10:33 +0000)]
Bug-fix in CBC encrypt tail processing and commentary section update.

19 years agoApparently, at least with my VMS C environment, defining _XOPEN_SOURCE
Richard Levitte [Wed, 19 Jan 2005 17:03:07 +0000 (17:03 +0000)]
Apparently, at least with my VMS C environment, defining _XOPEN_SOURCE
gets _POSIX_C_SOURC and _ANSI_C_SOURCE defined, which stops u_int from
being defined, and that breaks havock into the rest of the standard
headers...  *sigh*

19 years agoSmall thing. It seems like we have to defined _XOPEN_SOURCE to get
Richard Levitte [Tue, 18 Jan 2005 16:46:02 +0000 (16:46 +0000)]
Small thing.  It seems like we have to defined _XOPEN_SOURCE to get
isascii() on DEC/Compaq/HP C for VMS.

19 years agoThrow in AES CBC assembler, up to +40% on aes-128-cbc benchmark.
Andy Polyakov [Tue, 18 Jan 2005 01:04:41 +0000 (01:04 +0000)]
Throw in AES CBC assembler, up to +40% on aes-128-cbc benchmark.

19 years agoFix a typo in a.out assembler modules.
Andy Polyakov [Tue, 18 Jan 2005 00:46:55 +0000 (00:46 +0000)]
Fix a typo in a.out assembler modules.

19 years agoReserve for AES CBC assembler implementation...
Andy Polyakov [Tue, 18 Jan 2005 00:43:32 +0000 (00:43 +0000)]
Reserve for AES CBC assembler implementation...

19 years agoDon't zap AES CBC IV, when decrypting truncated content in place.
Andy Polyakov [Tue, 18 Jan 2005 00:26:52 +0000 (00:26 +0000)]
Don't zap AES CBC IV, when decrypting truncated content in place.

19 years agoChanges concering RFC 3820 (proxy certificates) integration:
Richard Levitte [Mon, 17 Jan 2005 17:06:58 +0000 (17:06 +0000)]
Changes concering RFC 3820 (proxy certificates) integration:

 - Enforce that there should be no policy settings when the language
   is one of id-ppl-independent or id-ppl-inheritAll.
 - Add functionality to ssltest.c so that it can process proxy rights
   and check that they are set correctly.  Rights consist of ASCII
   letters, and the condition is a boolean expression that includes
   letters, parenthesis, &, | and ^.
 - Change the proxy certificate configurations so they get proxy
   rights that are understood by ssltest.c.
 - Add a script that tests proxy certificates with SSL operations.

Other changes:

 - Change the copyright end year in mkerr.pl.
 - make update.

19 years agoPKCS7_verify() performance optimization. When the content is large and a
Dr. Stephen Henson [Fri, 14 Jan 2005 17:52:24 +0000 (17:52 +0000)]
PKCS7_verify() performance optimization. When the content is large and a
memory BIO (for example from SMIME_read_PKCS7 and detached data) avoid lots
of slow memory copies from the memory BIO by saving the content in a
temporary read only memory BIO.

19 years agoINSTALL.DJGPP sync.
Andy Polyakov [Fri, 14 Jan 2005 16:25:36 +0000 (16:25 +0000)]
INSTALL.DJGPP sync.
PR: 989

19 years agoRely on e_os.h to appropriately define str[n]casecmp in non-POSIX
Andy Polyakov [Thu, 13 Jan 2005 15:46:09 +0000 (15:46 +0000)]
Rely on e_os.h to appropriately define str[n]casecmp in non-POSIX
environments.

19 years ago"Monolithic" x86 assembler replacement for aes_core.c. Up to +15% better
Andy Polyakov [Thu, 13 Jan 2005 15:35:44 +0000 (15:35 +0000)]
"Monolithic" x86 assembler replacement for aes_core.c. Up to +15% better
performance on recent microarchitectures.

19 years agoFix an "oops" typo! Well, it was a debugging left-over...
Andy Polyakov [Thu, 13 Jan 2005 15:25:30 +0000 (15:25 +0000)]
Fix an "oops" typo! Well, it was a debugging left-over...

19 years agoO_NOFOLLOW is not appropriate when opening /dev/* entries on Solaris.
Andy Polyakov [Thu, 13 Jan 2005 15:20:42 +0000 (15:20 +0000)]
O_NOFOLLOW is not appropriate when opening /dev/* entries on Solaris.
PR: 998

19 years agoSmall typo, `mask' got the same value ORed to it twice instead of
Richard Levitte [Wed, 12 Jan 2005 16:40:48 +0000 (16:40 +0000)]
Small typo, `mask' got the same value ORed to it twice instead of
`mask' and `emask' getting that operation done once each.

Patch supplied by Nils Larsch <nils.larsch@cybertrust.com>

19 years agoCorrect a faulty address assignment, and add a length check (not
Richard Levitte [Wed, 12 Jan 2005 09:53:20 +0000 (09:53 +0000)]
Correct a faulty address assignment, and add a length check (not
really needed now, but may be needed in the future, who knows?).

19 years agoFAQ update to mention no-sha0 as possible workaround for Tru64 compiler bug.
Andy Polyakov [Sun, 9 Jan 2005 20:42:33 +0000 (20:42 +0000)]
FAQ update to mention no-sha0 as possible workaround for Tru64 compiler bug.
Well, no-options seem to be busted in HEAD currently, which should/will be
fixed one way or another (see PR#989 for a possible alternative).

19 years agoDJGPP documentation note update.
Andy Polyakov [Sun, 9 Jan 2005 20:14:04 +0000 (20:14 +0000)]
DJGPP documentation note update.

19 years agoPermit "monolithic" AES assembler implementations, i.e. such which would
Andy Polyakov [Sun, 9 Jan 2005 16:01:58 +0000 (16:01 +0000)]
Permit "monolithic" AES assembler implementations, i.e. such which would
replace *whole* aes_core.c, not only AES_[de|en]crypt routines.

19 years agoDJGPP update.
Andy Polyakov [Tue, 4 Jan 2005 10:28:38 +0000 (10:28 +0000)]
DJGPP update.
PR: 989
Submitted by: Doug Kaufman

19 years agoBorrow #include <string[s].h> from e_os.h.
Andy Polyakov [Fri, 31 Dec 2004 00:00:05 +0000 (00:00 +0000)]
Borrow #include <string[s].h> from e_os.h.

19 years agoMake whiny compilers stop complaining about missing prototype.
Andy Polyakov [Thu, 30 Dec 2004 23:40:31 +0000 (23:40 +0000)]
Make whiny compilers stop complaining about missing prototype.

19 years agoFix Win32 test-suit.
Andy Polyakov [Thu, 30 Dec 2004 22:55:28 +0000 (22:55 +0000)]
Fix Win32 test-suit.

19 years agoRemove naming conflict between variable and label.
Andy Polyakov [Thu, 30 Dec 2004 11:10:11 +0000 (11:10 +0000)]
Remove naming conflict between variable and label.

19 years agoCommentary update for AES IA-64 assembler module.
Andy Polyakov [Thu, 30 Dec 2004 10:55:02 +0000 (10:55 +0000)]
Commentary update for AES IA-64 assembler module.

19 years agoMinor AES x86 assembler tune-up.
Andy Polyakov [Thu, 30 Dec 2004 10:46:03 +0000 (10:46 +0000)]
Minor AES x86 assembler tune-up.

19 years agoAES-CFB[18] 2x optimization. Well, I bet nobody cares about AES-CFB1
Andy Polyakov [Thu, 30 Dec 2004 10:43:33 +0000 (10:43 +0000)]
AES-CFB[18] 2x optimization. Well, I bet nobody cares about AES-CFB1
performance, but anyway...

19 years agoPrompt for passphrases for PKCS12 input format
Dr. Stephen Henson [Wed, 29 Dec 2004 01:07:14 +0000 (01:07 +0000)]
Prompt for passphrases for PKCS12 input format

19 years agoOops-kind typos in aes-ia64.S...
Andy Polyakov [Tue, 28 Dec 2004 17:10:42 +0000 (17:10 +0000)]
Oops-kind typos in aes-ia64.S...

19 years agoiv needs to be const because it sometimes takes it's value from a
Richard Levitte [Tue, 28 Dec 2004 10:35:13 +0000 (10:35 +0000)]
iv needs to be const because it sometimes takes it's value from a
const.

19 years agoForgot to synchronise the VMS build scripts.
Richard Levitte [Tue, 28 Dec 2004 10:22:00 +0000 (10:22 +0000)]
Forgot to synchronise the VMS build scripts.

19 years agoAdd functionality needed to process proxy certificates.
Richard Levitte [Tue, 28 Dec 2004 00:21:35 +0000 (00:21 +0000)]
Add functionality needed to process proxy certificates.

19 years agoMinor cygwin update.
Andy Polyakov [Mon, 27 Dec 2004 21:27:46 +0000 (21:27 +0000)]
Minor cygwin update.
PR: 949

19 years agoAs new major IRIX release is highly unlikely to appear [and break following],
Andy Polyakov [Mon, 27 Dec 2004 14:59:36 +0000 (14:59 +0000)]
As new major IRIX release is highly unlikely to appear [and break following],
I change from -notall to -none synonym in irix rules to improve backward
compatibility with IRIX 5.x.
PR: 987

19 years agoRemove CPU detect for IRIX targets. Performance gain is less than 1%,
Andy Polyakov [Mon, 27 Dec 2004 14:57:54 +0000 (14:57 +0000)]
Remove CPU detect for IRIX targets. Performance gain is less than 1%,
it makes more sense to strive for broader binary compatibility...

19 years agoRemove yet another redundant memcpy. Not at least performance critical,
Andy Polyakov [Sun, 26 Dec 2004 13:05:40 +0000 (13:05 +0000)]
Remove yet another redundant memcpy. Not at least performance critical,
essentially cosmetic modification...

19 years agoEliminate redundant memcpy of IV material. Performance improvement varies
Andy Polyakov [Sun, 26 Dec 2004 12:31:37 +0000 (12:31 +0000)]
Eliminate redundant memcpy of IV material. Performance improvement varies
from platform to platform and can be as large as 20%.

19 years agoEngage AES x86 assembler module for COFF and a.out targets.
Andy Polyakov [Sun, 26 Dec 2004 10:58:39 +0000 (10:58 +0000)]
Engage AES x86 assembler module for COFF and a.out targets.

19 years agoEngage AES x86 assembler module on ELF platforms.
Andy Polyakov [Thu, 23 Dec 2004 21:44:28 +0000 (21:44 +0000)]
Engage AES x86 assembler module on ELF platforms.

19 years agox86 perlasm update to accomodate aes-586.pl.
Andy Polyakov [Thu, 23 Dec 2004 21:43:25 +0000 (21:43 +0000)]
x86 perlasm update to accomodate aes-586.pl.

19 years agoEliminate copies of TeN and TdN, use those found in assembler module.
Andy Polyakov [Thu, 23 Dec 2004 21:40:23 +0000 (21:40 +0000)]
Eliminate copies of TeN and TdN, use those found in assembler module.

19 years agoAES x86 assembler implementation.
Andy Polyakov [Thu, 23 Dec 2004 21:32:34 +0000 (21:32 +0000)]
AES x86 assembler implementation.

19 years agoRefine PowerPC platform support.
Andy Polyakov [Mon, 20 Dec 2004 13:44:34 +0000 (13:44 +0000)]
Refine PowerPC platform support.

19 years agoRemove unused buffer 'buf'.
Dr. Stephen Henson [Mon, 20 Dec 2004 00:49:36 +0000 (00:49 +0000)]
Remove unused buffer 'buf'.

19 years agoDon't use multiple storage types.
Dr. Stephen Henson [Sun, 19 Dec 2004 01:21:18 +0000 (01:21 +0000)]
Don't use multiple storage types.

19 years agoFix typos in the ecparam doc.
Geoff Thorpe [Fri, 17 Dec 2004 05:42:00 +0000 (05:42 +0000)]
Fix typos in the ecparam doc.

Submitted by: Nils Larsch

19 years agomake update (oops, missed this file)
Richard Levitte [Mon, 13 Dec 2004 22:57:39 +0000 (22:57 +0000)]
make update (oops, missed this file)

19 years agoChange libeay.num so it's synchronised with additions in 0.9.7-stable.
Richard Levitte [Mon, 13 Dec 2004 22:57:08 +0000 (22:57 +0000)]
Change libeay.num so it's synchronised with additions in 0.9.7-stable.
make update

19 years agoFix s_client so it works without a certificate again.
Dr. Stephen Henson [Mon, 13 Dec 2004 18:02:23 +0000 (18:02 +0000)]
Fix s_client so it works without a certificate again.

19 years agoPropagate a few more variables to Makefile.shared when linking
Richard Levitte [Mon, 13 Dec 2004 17:28:44 +0000 (17:28 +0000)]
Propagate a few more variables to Makefile.shared when linking
programs.

19 years agoRemove duplicate lines.
Dr. Stephen Henson [Sun, 12 Dec 2004 13:15:49 +0000 (13:15 +0000)]
Remove duplicate lines.

19 years agoSolaris x86 perlasm update.
Andy Polyakov [Fri, 10 Dec 2004 11:24:42 +0000 (11:24 +0000)]
Solaris x86 perlasm update.

19 years agoEngage SHA1 IA64 assembler on IA64 platforms.
Andy Polyakov [Thu, 9 Dec 2004 15:39:55 +0000 (15:39 +0000)]
Engage SHA1 IA64 assembler on IA64 platforms.

19 years agoAutomatically mark the CRL cached encoding as invalid when some operations
Dr. Stephen Henson [Thu, 9 Dec 2004 13:35:06 +0000 (13:35 +0000)]
Automatically mark the CRL cached encoding as invalid when some operations
are performed.

19 years agoSHA1 assembler for IA-64.
Andy Polyakov [Thu, 9 Dec 2004 11:57:38 +0000 (11:57 +0000)]
SHA1 assembler for IA-64.

19 years agoExtend RC4 test.
Andy Polyakov [Tue, 7 Dec 2004 11:55:56 +0000 (11:55 +0000)]
Extend RC4 test.

19 years agoUpdate 'certs' directory. Move expired certificates to expired directory
Dr. Stephen Henson [Sun, 5 Dec 2004 19:48:02 +0000 (19:48 +0000)]
Update 'certs' directory. Move expired certificates to expired directory
and zero assurance demontrations CAs to 'demo'.

19 years agoUse X509_cmp_time() in -checkend option, to support GeneralizedTime.
Dr. Stephen Henson [Sun, 5 Dec 2004 18:26:19 +0000 (18:26 +0000)]
Use X509_cmp_time() in -checkend option, to support GeneralizedTime.

19 years agoRemaing bits of PR:620 relevant to 0.9.8.
Dr. Stephen Henson [Sun, 5 Dec 2004 01:50:56 +0000 (01:50 +0000)]
Remaing bits of PR:620 relevant to 0.9.8.

19 years agoAdd lots of checks for memory allocation failure, error codes to indicate
Dr. Stephen Henson [Sun, 5 Dec 2004 01:03:15 +0000 (01:03 +0000)]
Add lots of checks for memory allocation failure, error codes to indicate
failure and freeing up memory if a failure occurs.

PR:620

19 years agoUpdate year.
Dr. Stephen Henson [Sun, 5 Dec 2004 00:51:41 +0000 (00:51 +0000)]
Update year.

19 years agoIn by_file.c check last error for no start line, not first error.
Dr. Stephen Henson [Sat, 4 Dec 2004 21:25:51 +0000 (21:25 +0000)]
In by_file.c check last error for no start line, not first error.

19 years agoAdd -passin argument to dgst command.
Dr. Stephen Henson [Fri, 3 Dec 2004 12:26:56 +0000 (12:26 +0000)]
Add -passin argument to dgst command.

19 years agoV1 certificates that aren't self signed can't be accepted as CAs.
Dr. Stephen Henson [Fri, 3 Dec 2004 00:10:34 +0000 (00:10 +0000)]
V1 certificates that aren't self signed can't be accepted as CAs.

19 years agoFix rc4-ia64.S to pass more exhaustive regression tests.
Andy Polyakov [Thu, 2 Dec 2004 10:07:55 +0000 (10:07 +0000)]
Fix rc4-ia64.S to pass more exhaustive regression tests.

19 years agoAdd couple of OIDs. Resync NIDs for consistency with 0.9.7.
Dr. Stephen Henson [Wed, 1 Dec 2004 18:09:53 +0000 (18:09 +0000)]
Add couple of OIDs. Resync NIDs for consistency with 0.9.7.

19 years agoI've introduced a bug to i386 RC4 assembler, which would emerge with
Andy Polyakov [Wed, 1 Dec 2004 15:28:18 +0000 (15:28 +0000)]
I've introduced a bug to i386 RC4 assembler, which would emerge with
certain mix of calls to RC4 routine not covered by rc4test.c.
It's fixed now. In addition this patch inadvertently fixes minor
performance problem: in 0.9.7 context P4 was performing 12% slower
than the original implementation...

19 years agoPerform partial comparison of different character types in X509_NAME_cmp().
Dr. Stephen Henson [Wed, 1 Dec 2004 01:45:30 +0000 (01:45 +0000)]
Perform partial comparison of different character types in X509_NAME_cmp().

19 years agoAdd 0.9.7 specific comments to RC4 assembler modules.
Andy Polyakov [Tue, 30 Nov 2004 15:46:46 +0000 (15:46 +0000)]
Add 0.9.7 specific comments to RC4 assembler modules.

19 years agoMention that the keys likely to have signed the distribution are now
Mark J. Cox [Tue, 30 Nov 2004 14:34:16 +0000 (14:34 +0000)]
Mention that the keys likely to have signed the distribution are now
listed on the web site for easy finding and downloading

19 years agoSplit X509_check_ca() into a small self and an internal function
Richard Levitte [Tue, 30 Nov 2004 12:18:55 +0000 (12:18 +0000)]
Split X509_check_ca() into a small self and an internal function
check_ca(), to resolve constness issue.  check_ca() is called from the
purpose checkers instead of X509_check_ca(), since the stuff done by
the latter (except for calling check_ca()) is also done by
X509_check_purpose().

19 years agosha1_block_asm_data_order can't hash if message crosses 2GB boundary.
Andy Polyakov [Mon, 29 Nov 2004 21:19:56 +0000 (21:19 +0000)]
sha1_block_asm_data_order can't hash if message crosses 2GB boundary.

19 years agoFinal touches to rc4/asm/rc4-596.pl, +52% better performance on AMD core.
Andy Polyakov [Mon, 29 Nov 2004 21:12:58 +0000 (21:12 +0000)]
Final touches to rc4/asm/rc4-596.pl, +52% better performance on AMD core.

19 years agoDocument the change.
Richard Levitte [Mon, 29 Nov 2004 11:57:00 +0000 (11:57 +0000)]
Document the change.

19 years agoMake an explicit check during certificate validation to see that the
Richard Levitte [Mon, 29 Nov 2004 11:28:08 +0000 (11:28 +0000)]
Make an explicit check during certificate validation to see that the
CA setting in each certificate on the chain is correct.  As a side-
effect always do the following basic checks on extensions, not just
when there's an associated purpose to the check:
- if there is an unhandled critical extension (unless the user has
  chosen to ignore this fault)
- if the path length has been exceeded (if one is set at all)
- that certain extensions fit the associated purpose (if one has been
  given)

20 years agoperlasm/x86[ms|nasm] update to accomodate updated RC4 assembler module.
Andy Polyakov [Sat, 27 Nov 2004 15:14:58 +0000 (15:14 +0000)]
perlasm/x86[ms|nasm] update to accomodate updated RC4 assembler module.