path: root/crypto
Commit message | Author | Age | Files | Lines
* Typo. | Dr. Stephen Henson | 2006-10-05 | 1 | -1/+1
* return an error if the supplied precomputed values lead to an invalid signature | Nils Larsch | 2006-10-04 | 3 | -2/+17
* ASN1_item_verify needs to initialize ctx before any "goto err" can happen; the new code for the OID cross reference table failed to do so. | Bodo Möller | 2006-10-04 | 1 | -2/+2
* Place standard CRL behaviour in default X509_CRL_METHOD new functions to create, free and set default CRL method. | Dr. Stephen Henson | 2006-10-03 | 3 | -10/+105
* Initialise ctx to NULL to avoid uninitialized free, noticed by Steve Kiernan | Mark J. Cox | 2006-09-29 | 1 | -1/+1
* Introduce limits to prevent malicious keys being able to cause a denial of service. (CVE-2006-2940) [Steve Henson, Bodo Moeller] | Bodo Möller | 2006-09-28 | 12 | -5/+151
* Fix ASN.1 parsing of certain invalid structures that can result in a denial of service. (CVE-2006-2937) [Steve Henson] | Mark J. Cox | 2006-09-28 | 1 | -0/+1
* Initialize new callbacks and make sure hent is always initialized. | Dr. Stephen Henson | 2006-09-26 | 2 | -0/+5
* Complete the change for VMS. | Richard Levitte | 2006-09-25 | 1 | -1/+1
* Using correct lock for X509_REQ. PR:1348 | Dr. Stephen Henson | 2006-09-22 | 1 | -1/+1
* Update length if copying MSB set in asn1_string_canon(). | Dr. Stephen Henson | 2006-09-22 | 1 | -0/+3
* Add missing prototype. Fix various warnings (C++ comments, ; outside function). | Dr. Stephen Henson | 2006-09-21 | 1 | -0/+1
* Make int_rsa_sign function match prototype. PR: 1383 | Dr. Stephen Henson | 2006-09-21 | 1 | -2/+2
* Compile in gost engine. | Dr. Stephen Henson | 2006-09-21 | 1 | -0/+3
* Do CRL method init after other operations. | Dr. Stephen Henson | 2006-09-21 | 1 | -2/+2
* Tidy up CRL handling by checking for critical extensions when it is loaded. Add new function X509_CRL_get0_by_serial() to lookup a revoked entry to avoid the need to access the structure directly. Add new X509_CRL_METHOD to allow common CRL operations (verify, lookup) to be redirected. | Dr. Stephen Henson | 2006-09-21 | 6 | -53/+107
* Remove x86ms.pl and reimplement x86*.pl. | Andy Polyakov | 2006-09-18 | 4 | -1747/+587
* Improve 386 portability of aes-586.pl. | Andy Polyakov | 2006-09-18 | 1 | -3/+4
* Ensure that the addition mods[i]+delta cannot overflow in probable_prime(). [Problem pointed out by Adam Young <adamy (at) acm.org>] | Bodo Möller | 2006-09-18 | 1 | -6/+3
* Overhaul of by_dir code to handle dynamic loading of CRLs. | Dr. Stephen Henson | 2006-09-17 | 5 | -74/+211
* Support for AKID in CRLs and partial support for IDP. Overhaul of CRL handling to support this. | Dr. Stephen Henson | 2006-09-14 | 5 | -41/+206
* Fixes for new CRL/cert callbacks. Update CRL processing code to use new callbacks. | Dr. Stephen Henson | 2006-09-11 | 3 | -66/+66
* Add verify callback functions to lookup a STACK of matching certs or CRLs based on subject name. New thread safe functions to retrieve matching STACK from X509_STORE. Cache some IDP components. | Dr. Stephen Henson | 2006-09-10 | 6 | -4/+186
* Make sure the int_rsa_verify() prototype matches the implementation (m_len currently is 'unsigned int', not 'size_t') Submitted by: Gisle Vanem | Bodo Möller | 2006-09-08 | 1 | -1/+1
* Remove non-functional part of recent patch, after discussion with Colin Percival (this would have caused more problems than solved, and isn't really necessary anyway) | Bodo Möller | 2006-09-06 | 3 | -11/+0
* Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher (CVE-2006-4339) Submitted by: Ben Laurie, Google Security Team Reviewed by: bmoeller, mjc, shenson | Mark J. Cox | 2006-09-05 | 4 | -0/+28
* Rewrite sha1-586.pl. | Andy Polyakov | 2006-08-31 | 1 | -314/+141
* Fix bug in aes-586.pl. | Andy Polyakov | 2006-08-31 | 1 | -3/+2
* Fix bug in x86unix.pl introduced in latest update. PR: 1380 | Andy Polyakov | 2006-08-31 | 1 | -3/+3
* Fix C++ style comments, change assert to OPENSSL_assert, stop warning with pedantic mode. | Dr. Stephen Henson | 2006-08-31 | 2 | -44/+50
* Fix leak | Dr. Stephen Henson | 2006-08-31 | 1 | -0/+3
* Forward port of IGE mode. | Ben Laurie | 2006-08-31 | 3 | -2/+296
* Make things static that should be. Declare stuff in headers that should be. Fix warnings. | Ben Laurie | 2006-08-28 | 10 | -15/+29
* Use gmtime on cygwin Submitted by: Corinna Vinschen | Ulf Möller | 2006-08-13 | 1 | -1/+1
* +20% tune-up for Power5. | Andy Polyakov | 2006-08-09 | 1 | -18/+11
* Revised AES_cbc_encrypt in x86 assembler module. | Andy Polyakov | 2006-08-07 | 1 | -326/+593
* Aggressively prefetch S-box in SSE codepatch, relax alignment requirement, check for SSE bit instead of MMX, as pshufw was introduced in PIII, minor optimization, typos... | Andy Polyakov | 2006-08-02 | 1 | -48/+65
* Switch to compact S-box when generating AES key schedule. | Andy Polyakov | 2006-08-02 | 1 | -210/+247
* Switch to compact S-box when generating AES key schedule. | Andy Polyakov | 2006-08-01 | 1 | -16/+45
* Engage assembler in solaris64-x86_64-cc. | Andy Polyakov | 2006-07-31 | 1 | -0/+4
* perlasm/x86unix.pl update. | Andy Polyakov | 2006-07-31 | 1 | -6/+38
* Next generation aes-586.pl featuring AES_[en|de]crypt, accessing exclusively 256 byte S-box. AES_cbc_encrypt needs further work as it should also use slow routines when processing smaller amount of data. | Andy Polyakov | 2006-07-31 | 1 | -295/+1197
* Support for multiple CRLs with same issuer name in X509_STORE. Modify verify logic to try to use an unexpired CRL if possible. | Dr. Stephen Henson | 2006-07-25 | 3 | -3/+46
* Cache some CRL related extensions. | Dr. Stephen Henson | 2006-07-24 | 7 | -8/+66
* Avoid warning. | Dr. Stephen Henson | 2006-07-21 | 1 | -1/+1
* Use correct pointer types for various functions. | Dr. Stephen Henson | 2006-07-20 | 4 | -5/+5
* New Camellia implementation (replacing previous version) Submitted by: NTT | Bodo Möller | 2006-07-19 | 5 | -599/+1876
* Store canonical encodings of Name structures. Update X509_NAME_cmp() to use them. | Dr. Stephen Henson | 2006-07-18 | 3 | -148/+230
* Reimplement outer rounds as "compact" in x86 assembler. This has rather strong impact on decrypt performance, 20-25%. One probably should consider switching between slower and faster routines depending on how much data we were asked to process. | Andy Polyakov | 2006-07-18 | 1 | -73/+314
* WIN32 fixes signed/unsigned issues and slightly socket semantics. | Dr. Stephen Henson | 2006-07-17 | 1 | -3/+2