Dr. Stephen Henson
bc7535bc7f
Support for AKID in CRLs and partial support for IDP. Overhaul of CRL
...
handling to support this.
2006-09-14 17:25:02 +00:00
Dr. Stephen Henson
016bc5ceb3
Fixes for new CRL/cert callbacks. Update CRL processing code to use new
...
callbacks.
2006-09-11 13:00:52 +00:00
Dr. Stephen Henson
4d50a2b4d6
Add verify callback functions to lookup a STACK of matching certs or CRLs
...
based on subject name.
New thread safe functions to retrieve matching STACK from X509_STORE.
Cache some IDP components.
2006-09-10 12:38:37 +00:00
Bodo Möller
7f4301668f
Make sure the int_rsa_verify() prototype matches the implementation
...
(m_len currently is 'unsigned int', not 'size_t')
Submitted by: Gisle Vanem
2006-09-08 06:00:40 +00:00
Bodo Möller
2952886010
Remove non-functional part of recent patch, after discussion with
...
Colin Percival (this would have caused more problems than solved,
and isn't really necessary anyway)
2006-09-06 06:43:11 +00:00
Mark J. Cox
b79aa05e3b
Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
...
(CVE-2006-4339)
Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
2006-09-05 08:58:03 +00:00
Andy Polyakov
500b5a181d
Rewrite sha1-586.pl.
2006-08-31 21:27:30 +00:00
Andy Polyakov
2b8a5406f9
Fix bug in aes-586.pl.
2006-08-31 21:15:38 +00:00
Andy Polyakov
2f35ae90fe
Fix bug in x86unix.pl introduced in latest update.
...
PR: 1380
2006-08-31 21:12:17 +00:00
Dr. Stephen Henson
02c9b66a6c
Fix C++ style comments, change assert to OPENSSL_assert, stop warning with
...
pedantic mode.
2006-08-31 20:56:20 +00:00
Dr. Stephen Henson
539d4c1030
Fix leak
2006-08-31 20:10:37 +00:00
Ben Laurie
aa6d1a0c19
Forward port of IGE mode.
2006-08-31 14:04:04 +00:00
Ben Laurie
777c47acbe
Make things static that should be. Declare stuff in headers that should be.
...
Fix warnings.
2006-08-28 17:01:04 +00:00
Ulf Möller
1c23bc5670
Use gmtime on cygwin
...
Submitted by: Corinna Vinschen
2006-08-13 09:03:38 +00:00
Andy Polyakov
8ea975d070
+20% tune-up for Power5.
2006-08-09 15:40:30 +00:00
Andy Polyakov
6c69aa532e
Revised AES_cbc_encrypt in x86 assembler module.
2006-08-07 09:05:52 +00:00
Andy Polyakov
fc92414273
Agressively prefetch S-box in SSE codepatch, relax alignment requirement,
...
check for SSE bit instead of MMX, as pshufw was introduces in PIII, minor
optimization, typos...
2006-08-02 22:38:16 +00:00
Andy Polyakov
53154d71c3
Switch to compact S-box when generating AES key schedule.
2006-08-02 07:46:56 +00:00
Andy Polyakov
8cebec9802
Switch to compact S-box when generating AES key schedule.
2006-08-01 22:10:39 +00:00
Andy Polyakov
c8a0d0aaf9
Engage assembler in solaris64-x86_64-cc.
2006-07-31 22:28:40 +00:00
Andy Polyakov
0cc46efa09
perlasm/x86unix.pl update.
2006-07-31 22:26:40 +00:00
Andy Polyakov
22c268e6c9
Next generation aes-586.pl featuring AES_[en|de]crypt, accessing exclusively
...
256 byte S-box. AES_cbc_encrypt needs further work as it should also use
slow routines when processing smaller amount of data.
2006-07-31 20:03:56 +00:00
Dr. Stephen Henson
f6e7d01450
Support for multiple CRLs with same issuer name in X509_STORE. Modify
...
verify logic to try to use an unexpired CRL if possible.
2006-07-25 17:39:38 +00:00
Dr. Stephen Henson
edc540211c
Cache some CRL related extensions.
2006-07-24 12:39:22 +00:00
Dr. Stephen Henson
2eed3a3cc8
Avoid warning.
2006-07-21 22:46:19 +00:00
Dr. Stephen Henson
786aa98da1
Use correct pointer types for various functions.
2006-07-20 16:56:47 +00:00
Bodo Möller
413e0853d7
New Camellia implementation (replacing previous version)
...
Submitted by: NTT
2006-07-19 13:38:26 +00:00
Dr. Stephen Henson
450ea83495
Store canonical encodings of Name structures. Update X509_NAME_cmp() to use
...
them.
2006-07-18 12:36:19 +00:00
Andy Polyakov
af8c1d81a3
Reimplement outer rounds as "compact" in x86 assembler. This has rather
...
strong impact on decrypt performance, 20-25%. One probably should consider
switching between slower and faster routines depending on how much data
we were asked to process.
2006-07-18 10:05:38 +00:00
Dr. Stephen Henson
b589427941
WIN32 fixes signed/unsigned issues and slightly socket semantics.
2006-07-17 18:52:51 +00:00
Dr. Stephen Henson
f0fa285f75
Update .cvsignore again.
2006-07-17 16:42:06 +00:00
Dr. Stephen Henson
a0b5b07010
Update .cvsignore
2006-07-17 16:40:20 +00:00
Dr. Stephen Henson
5c95c2ac23
Fix various error codes to match functions.
2006-07-17 16:33:31 +00:00
Dr. Stephen Henson
c1c6c0bf45
New non-blocking OCSP functionality.
2006-07-17 12:18:28 +00:00
Andy Polyakov
dff2922aa7
Add option for "compact" rounds to aes_x86core.c. "Compact" rounds are
...
those referencing compact, 256-byte, S-boxes.
2006-07-14 09:57:55 +00:00
Dr. Stephen Henson
31780d0e26
Bugfix: don't look in internal table for signature if found in application
...
supplied list.
2006-07-12 16:30:40 +00:00
Dr. Stephen Henson
29cf84c692
New docs for EVP_Digest{Sign,Verify}*() function. Update existing docs.
2006-07-12 12:31:30 +00:00
Dr. Stephen Henson
b7683e3a5d
Allow digests to supply S/MIME micalg values from a ctrl.
...
Send ctrls to EVP_PKEY_METHOD during signing of PKCS7 structure so
customisation is possible.
2006-07-10 18:36:55 +00:00
Dr. Stephen Henson
0ee2166cc5
New functions to add and free up application defined signature OIDs.
2006-07-09 16:05:43 +00:00
Dr. Stephen Henson
067707e367
Set detached flag in PKCS7 structure earlier to avoid eating up memory.
...
PR: 1071
2006-07-09 12:02:08 +00:00
Dr. Stephen Henson
5ba4bf35c5
New functions to enumerate digests and ciphers.
2006-07-09 00:53:45 +00:00
Andy Polyakov
86bdc0a3ee
Fix compiler warnings.
2006-07-04 20:29:50 +00:00
Andy Polyakov
1a4e245f3e
Unsigned vs signed comparison warning.
2006-07-04 20:29:14 +00:00
Andy Polyakov
975efcbaee
Typos(?) in HEAD/crypto/evp/p_lib.c.
2006-07-04 20:27:44 +00:00
Dr. Stephen Henson
90e1b1fd7d
dsa_pub_cmp() doesn't need to check parameters because that is done in
...
EVP_PKEY_cmp().
2006-07-02 21:13:39 +00:00
Dr. Stephen Henson
86207c1960
Make return value from EVP_PKEY_cmp() and EVP_PKEY_cmp_parameters() consistent.
2006-07-02 21:12:40 +00:00
Andy Polyakov
9c62bca11a
Prepare playground for AES experimental code.
2006-07-02 09:18:00 +00:00
Bodo Möller
3df760b83a
use <poll.h> as by Single Unix Specification
2006-06-30 08:14:39 +00:00
Bodo Möller
e34aa5a3b3
always read in RAND_poll() if we can't use select because of a too
...
large FD: it's non-blocking mode anyway
2006-06-28 14:50:12 +00:00
Andy Polyakov
985e4c4154
Mitigate the hazard of cache-collision timing attack on last round. The
...
only chance for T[ed]4 to get evicted in this module is when its cache
"overlaps" with last 128 bits of key schedule.
2006-06-28 08:52:16 +00:00