Commit message | Author | Age | Files | Lines
---|---|---|---|---
Typo. | Dr. Stephen Henson | 2006-10-05 | 1 | -1/+1
return an error if the supplied precomputed values lead to an invalid signature | Nils Larsch | 2006-10-04 | 3 | -2/+17
ASN1_item_verify needs to initialize ctx before any "goto err" can happen; the new code for the OID cross reference table failed to do so. | Bodo Möller | 2006-10-04 | 1 | -2/+2
Place standard CRL behaviour in default X509_CRL_METHOD new functions to create, free and set default CRL method. | Dr. Stephen Henson | 2006-10-03 | 3 | -10/+105
Initialise ctx to NULL to avoid uninitialized free, noticed by Steve Kiernan | Mark J. Cox | 2006-09-29 | 1 | -1/+1
Introduce limits to prevent malicious keys being able to cause a denial of service. (CVE-2006-2940) [Steve Henson, Bodo Moeller] | Bodo Möller | 2006-09-28 | 12 | -5/+151
Fix ASN.1 parsing of certain invalid structures that can result in a denial of service. (CVE-2006-2937) [Steve Henson] | Mark J. Cox | 2006-09-28 | 1 | -0/+1
Initialize new callbacks and make sure hent is always initialized. | Dr. Stephen Henson | 2006-09-26 | 2 | -0/+5
Complete the change for VMS. | Richard Levitte | 2006-09-25 | 1 | -1/+1
Using correct lock for X509_REQ. PR:1348 | Dr. Stephen Henson | 2006-09-22 | 1 | -1/+1
Update length if copying MSB set in asn1_string_canon(). | Dr. Stephen Henson | 2006-09-22 | 1 | -0/+3
Add missing prototype. Fix various warnings (C++ comments, ; outside function). | Dr. Stephen Henson | 2006-09-21 | 1 | -0/+1
Make int_rsa_sign function match prototype. PR: 1383 | Dr. Stephen Henson | 2006-09-21 | 1 | -2/+2
Compile in gost engine. | Dr. Stephen Henson | 2006-09-21 | 1 | -0/+3
Do CRL method init after other operations. | Dr. Stephen Henson | 2006-09-21 | 1 | -2/+2
Tidy up CRL handling by checking for critical extensions when it is loaded. Add new function X509_CRL_get0_by_serial() to lookup a revoked entry to avoid the need to access the structure directly. Add new X509_CRL_METHOD to allow common CRL operations (verify, lookup) to be redirected. | Dr. Stephen Henson | 2006-09-21 | 6 | -53/+107
Remove x86ms.pl and reimplement x86*.pl. | Andy Polyakov | 2006-09-18 | 4 | -1747/+587
Improve 386 portability of aes-586.pl. | Andy Polyakov | 2006-09-18 | 1 | -3/+4
Ensure that the addition mods[i]+delta cannot overflow in probable_prime(). [Problem pointed out by Adam Young <adamy (at) acm.org>] | Bodo Möller | 2006-09-18 | 1 | -6/+3
Overhaul of by_dir code to handle dynamic loading of CRLs. | Dr. Stephen Henson | 2006-09-17 | 5 | -74/+211
Support for AKID in CRLs and partial support for IDP. Overhaul of CRL handling to support this. | Dr. Stephen Henson | 2006-09-14 | 5 | -41/+206
Fixes for new CRL/cert callbacks. Update CRL processing code to use new callbacks. | Dr. Stephen Henson | 2006-09-11 | 3 | -66/+66
Add verify callback functions to lookup a STACK of matching certs or CRLs based on subject name. New thread safe functions to retrieve matching STACK from X509_STORE. Cache some IDP components. | Dr. Stephen Henson | 2006-09-10 | 6 | -4/+186
Make sure the int_rsa_verify() prototype matches the implementation (m_len currently is 'unsigned int', not 'size_t') Submitted by: Gisle Vanem | Bodo Möller | 2006-09-08 | 1 | -1/+1
Remove non-functional part of recent patch, after discussion with Colin Percival (this would have caused more problems than solved, and isn't really necessary anyway) | Bodo Möller | 2006-09-06 | 3 | -11/+0
Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher (CVE-2006-4339) Submitted by: Ben Laurie, Google Security Team Reviewed by: bmoeller, mjc, shenson | Mark J. Cox | 2006-09-05 | 4 | -0/+28
Rewrite sha1-586.pl. | Andy Polyakov | 2006-08-31 | 1 | -314/+141
Fix bug in aes-586.pl. | Andy Polyakov | 2006-08-31 | 1 | -3/+2
Fix bug in x86unix.pl introduced in latest update. PR: 1380 | Andy Polyakov | 2006-08-31 | 1 | -3/+3
Fix C++ style comments, change assert to OPENSSL_assert, stop warning with pedantic mode. | Dr. Stephen Henson | 2006-08-31 | 2 | -44/+50
Fix leak | Dr. Stephen Henson | 2006-08-31 | 1 | -0/+3
Forward port of IGE mode. | Ben Laurie | 2006-08-31 | 3 | -2/+296
Make things static that should be. Declare stuff in headers that should be. Fix warnings. | Ben Laurie | 2006-08-28 | 10 | -15/+29
Use gmtime on cygwin Submitted by: Corinna Vinschen | Ulf Möller | 2006-08-13 | 1 | -1/+1
+20% tune-up for Power5. | Andy Polyakov | 2006-08-09 | 1 | -18/+11
Revised AES_cbc_encrypt in x86 assembler module. | Andy Polyakov | 2006-08-07 | 1 | -326/+593
Aggressively prefetch S-box in SSE codepatch, relax alignment requirement, check for SSE bit instead of MMX, as pshufw was introduced in PIII, minor optimization, typos... | Andy Polyakov | 2006-08-02 | 1 | -48/+65
Switch to compact S-box when generating AES key schedule. | Andy Polyakov | 2006-08-02 | 1 | -210/+247
Switch to compact S-box when generating AES key schedule. | Andy Polyakov | 2006-08-01 | 1 | -16/+45
Engage assembler in solaris64-x86_64-cc. | Andy Polyakov | 2006-07-31 | 1 | -0/+4
perlasm/x86unix.pl update. | Andy Polyakov | 2006-07-31 | 1 | -6/+38
Next generation aes-586.pl featuring AES_[en\|de]crypt, accessing exclusively 256 byte S-box. AES_cbc_encrypt needs further work as it should also use slow routines when processing smaller amount of data. | Andy Polyakov | 2006-07-31 | 1 | -295/+1197
Support for multiple CRLs with same issuer name in X509_STORE. Modify verify logic to try to use an unexpired CRL if possible. | Dr. Stephen Henson | 2006-07-25 | 3 | -3/+46
Cache some CRL related extensions. | Dr. Stephen Henson | 2006-07-24 | 7 | -8/+66
Avoid warning. | Dr. Stephen Henson | 2006-07-21 | 1 | -1/+1
Use correct pointer types for various functions. | Dr. Stephen Henson | 2006-07-20 | 4 | -5/+5
New Camellia implementation (replacing previous version) Submitted by: NTT | Bodo Möller | 2006-07-19 | 5 | -599/+1876
Store canonical encodings of Name structures. Update X509_NAME_cmp() to use them. | Dr. Stephen Henson | 2006-07-18 | 3 | -148/+230
Reimplement outer rounds as "compact" in x86 assembler. This has rather strong impact on decrypt performance, 20-25%. One probably should consider switching between slower and faster routines depending on how much data we were asked to process. | Andy Polyakov | 2006-07-18 | 1 | -73/+314
WIN32 fixes signed/unsigned issues and slightly socket semantics. | Dr. Stephen Henson | 2006-07-17 | 1 | -3/+2