mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-21 01:15:20 +08:00
Code Issues Packages Projects Releases Wiki Activity
11,397 Commits 33 Branches 385 Tags 477 MiB
cd54249c21
Commit Graph

11397 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andy Polyakov
cd54249c21 aesni-x86_64.pl: minor CTR performance improvement. 2013-05-13 15:49:03 +02:00
Ben Laurie
92584bd3d5 Tests pass! 2013-05-05 16:15:34 +01:00
Ben Laurie
342ec250c3 Ugly hack to avoid recompiling the same thing multiple times in parallel. 2013-05-05 15:06:33 +01:00
Dr. Stephen Henson
c6d8adb8a4 Reencode certificates in X509_sign_ctx. 
Reencode certificates in X509_sign_ctx as well as X509_sign.

This was causing a problem in the x509 application when it modified an
existing certificate.
 2013-05-02 12:19:40 +01:00
Andy Polyakov
9575d1a91a bsaes-armv7.pl: add bsaes_cbc_encrypt and bsaes_ctr32_encrypt_blocks. 
Submitted by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

Contributor claims ~50% improvement in CTR and ~9% in CBC decrypt
on Cortex-A15.
 2013-04-23 17:52:14 +02:00
Andy Polyakov
75fe422323 bsaes-armv7.pl: take it into build loop. 2013-04-23 17:49:54 +02:00
Dr. Stephen Henson
412834dcf0 Typo. 2013-04-14 01:19:07 +01:00
Andy Polyakov
db05b447a5 Fix Windows linking error in GOST test case. 2013-04-13 23:03:31 +02:00
Andy Polyakov
3bdd80521a crypto/modes/modes_lcl.h: let STRICT_ALIGNMENT be on ARMv7. 
While ARMv7 in general is capable of unaligned access, not all instructions
actually are. And trouble is that compiler doesn't seem to differentiate
those capable and incapable of unaligned access. Side effect is that kernel
goes into endless loop retrying same instruction triggering unaligned trap.
Problem was observed in xts128.c and ccm128.c modules. It's possible to
resolve it by using (volatile u32*) casts, but letting STRICT_ALIGNMENT
be feels more appropriate.
 2013-04-13 20:57:37 +02:00
Dr. Stephen Henson
4544f0a691 Suite B support for DTLS 1.2 
Check for Suite B support using method flags instead of version numbers:
anything supporting TLS 1.2 cipher suites will also support Suite B.

Return an error if an attempt to use DTLS 1.0 is made in Suite B mode.
 2013-04-09 16:49:13 +01:00
Dr. Stephen Henson
c56f5b8edf Always return errors in ssl3_get_client_hello 
If we successfully match a cookie don't set return value to 2 as this
results in other error conditions returning 2 as well.

Instead set return value to -2 which can be checked later if everything
else is OK.
 2013-04-09 15:59:47 +01:00
Dr. Stephen Henson
c6913eeb76 Dual DTLS version methods. 
Add new methods DTLS_*_method() which support both DTLS 1.0 and DTLS 1.2 and
pick the highest version the peer supports during negotiation.

As with SSL/TLS options can change this behaviour specifically
SSL_OP_NO_DTLSv1 and SSL_OP_NO_DTLSv1_2.
 2013-04-09 14:02:48 +01:00
Dr. Stephen Henson
04638f2fc3 Set s->d1 to NULL after freeing it. 2013-04-08 18:24:42 +01:00
Dr. Stephen Henson
045b2809f8 Asm build portability. 
Don't use Win32 specific options in mk1mf.pl to build assembly language
files.
 2013-04-08 14:53:54 +01:00
Ben Laurie
29d422e2a0 Make sure all tests are actually run, plus some fixups for things that 
turn out to be made somewhere by existing Makefiles.
 2013-04-07 16:52:54 +01:00
Ben Laurie
a7f5cd7fd5 Use original alltests target for definitive test list. 2013-04-06 20:42:38 +01:00
Ben Laurie
afdf366921 Missing semicolon. 2013-04-06 16:17:14 +01:00
Dr. Stephen Henson
fed45e1879 Fix non-copy builds. 
Only use -MMD and .sinclude in copy builds: other platforms don't
support them.
 2013-04-06 16:05:23 +01:00
Ben Laurie
d07201a2bb Missing file. 2013-04-06 15:25:43 +01:00
Ben Laurie
bc9e878210 Make executable. 2013-04-06 15:22:28 +01:00
Ben Laurie
9fc3ebda13 Helper scripts for one makefile build. 2013-04-06 15:17:30 +01:00
Ben Laurie
1a70fe953a Merge, go back to copy-if-different. 2013-04-06 15:15:11 +01:00
Ben Laurie
ea4507ee1c Fix test_ss. 2013-04-06 15:13:12 +01:00
Ben Laurie
4b9af0a101 Add new asm target. 2013-04-06 15:13:12 +01:00
Ben Laurie
e92ce4e35b Show start/end of tests. 2013-04-06 15:13:12 +01:00
Ben Laurie
3426b8ed3f Avoid collisions. 2013-04-06 15:13:12 +01:00
Ben Laurie
f5cd3db541 Make session ID test work. 2013-04-06 15:13:12 +01:00
Ben Laurie
15e5f592c1 Make S/MIME test work. 2013-04-06 15:13:11 +01:00
Ben Laurie
509a83dd36 Make RSA test work. 2013-04-06 15:13:11 +01:00
Ben Laurie
8c7f5f3bec Make PKCS#7 test work. 2013-04-06 15:13:11 +01:00
Ben Laurie
188f6443ae Make OCSP test work. 2013-04-06 15:13:11 +01:00
Ben Laurie
3675fb882c More progress towards working tests. 2013-04-06 15:13:11 +01:00
Ben Laurie
3b4d86bff5 Get closer to a working single Makefile with test support. 2013-04-06 15:11:11 +01:00
Ben Laurie
282a480a35 Fix warnings. 2013-04-06 15:08:44 +01:00
Dr. Stephen Henson
1e2d4cb0e1 Make TLS 1.2 ciphers work again. 
Since s->method does not reflect the final client version when a client
hello is sent for SSLv23_client_method it can't be relied on to indicate
if TLS 1.2 ciphers should be used. So use the client version instead.
 2013-04-04 18:21:58 +01:00
Andy Polyakov
99cda4376e cryptlib.c: fix typo in OPENSSL_showfatal. 2013-04-04 15:57:43 +02:00
Andy Polyakov
73325b221c aesni-x86_64.pl: optimize CBC decrypt. 
Give CBC decrypt approximately same treatment as to CTR and collect 25%.
 2013-04-04 15:56:23 +02:00
Andy Polyakov
a42abde699 e_aes.c: reserve for future extensions. 2013-04-04 15:55:49 +02:00
Andy Polyakov
64f7e2c4c0 gcm128.c: fix linking problems in 32-bit Windows build. 2013-04-04 15:54:58 +02:00
Andy Polyakov
7f97d57236 dest4-sparcv9.pl: add clarification comment. 2013-04-04 15:54:08 +02:00
Andy Polyakov
c9a8e3d1c7 evptests.txt: add XTS test vectors 2013-04-04 15:53:01 +02:00
Dr. Stephen Henson
3fce3f6b2b Use $(PERL) when calling scripts in mk1mf.pl 2013-04-03 22:38:18 +01:00
Dr. Stephen Henson
0ded2a0689 Typo. 2013-03-31 17:42:46 +01:00
Andy Polyakov
c5d975a743 Add support for SPARC T4 DES opcode. 2013-03-31 14:32:05 +02:00
Andy Polyakov
d8f3ed2306 des_enc.m4: add missing #include. 
Submitted by: David Miller
 2013-03-31 14:07:48 +02:00
Andy Polyakov
4e049c5259 Add AES-NI GCM stitch. 2013-03-29 20:45:33 +01:00
Andy Polyakov
b4a9d5bfe8 aesni-x86_64.pl: fix typo and optimize small block performance. 2013-03-29 18:54:24 +01:00
Dr. Stephen Henson
3d1160d58b Call RAND_cleanup in openssl application. 
(cherry picked from commit 944bc29f90)
 2013-03-28 14:29:39 +00:00
Dr. Stephen Henson
4221c0dd30 Enable TLS 1.2 ciphers in DTLS 1.2. 
Port TLS 1.2 GCM code to DTLS. Enable use of TLS 1.2 only ciphers when in
DTLS 1.2 mode too.
 2013-03-28 14:14:27 +00:00
Dr. Stephen Henson
fbbaaccaca Update fixed DH requirements. 
The relaxed signing requirements for fixed DH certificates apply to DTLS 1.2
too.
 2013-03-28 14:14:27 +00:00