Commits · 6f6a6130327bb033730bf36ad826797a1b074317 · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

Oct 03, 2013
- aes/asm/bsaes-*.pl: improve decrypt performance. · 6f6a6130
  Andy Polyakov authored Oct 03, 2013
```
Improve decrypt performance by 10-20% depending on platform. Thanks
to Jussi Kivilinna for providing valuable hint. Also thanks to Ard
Biesheuvel.
```
  6f6a6130
- evp/e_des3.c: fix typo with potential integer overflow on 32-bit platforms. · 524b00c0
  Andy Polyakov authored Oct 03, 2013
```
Submitted by: Yuriy Kaminskiy
```
  524b00c0
- perlasm/sparcv9_modes.pl: make it work even with seasoned perl. · 6b2cae0c
  Andy Polyakov authored Oct 03, 2013
```
PR: 3130
```
  6b2cae0c
Oct 02, 2013
- bn/asm/x86_64-mont*.pl: add MULX/ADCX/ADOX code path. · a5bb5bca
  Andy Polyakov authored Oct 03, 2013
  
  a5bb5bca
- rsaz-x86_64.pl: add MULX/ADCX/ADOX code path. · 87954638
  Andy Polyakov authored Oct 03, 2013
  
  87954638
- x86_64-xlate.pl: fix jrcxz in nasm case. · 667053a2
  Andy Polyakov authored Oct 03, 2013
  
  667053a2
- evp/e_aes_cbc_hmac_sha*.c: multi-block glue code. · 7f893258
  Andy Polyakov authored Oct 03, 2013
  
  7f893258
- Configire: take multi-block modules into build loop. · 6bcb68da
  Andy Polyakov authored Oct 03, 2013
  
  6bcb68da
- x86_64 assembly pack: add multi-block AES-NI, SHA1 and SHA256. · b7838586
  Andy Polyakov authored Oct 03, 2013
  
  b7838586
- evp/e_aes_cbc_hmac_sha256.c: enable is on all AES-NI platforms, not only on AVX. · 5f487e03
  Andy Polyakov authored Oct 03, 2013
  
  5f487e03
Oct 01, 2013
- aes/asm/*-armv*.pl: compensate for inconsistencies in tool-chains. · 066caf05
  Andy Polyakov authored Oct 01, 2013
```
Suggested by: Ard Biesheuvel
```
  066caf05
Sep 20, 2013
- Mix time into the pool to avoid repetition of the Android duplicated PID problem. · 3cd8547a
  Ben Laurie authored Sep 20, 2013
  
  3cd8547a
- More diagnostics for invalid OIDs. · 79b92098
  Ben Laurie authored Sep 20, 2013
  
  79b92098
- aes-armv4.pl, bsaes-armv7.pl: add Linux kernel and Thumb2 support. · e0202d94
  Andy Polyakov authored Sep 20, 2013
```
Submitted by: Ard Biesheuvel
```
  e0202d94
Sep 18, 2013
- Add functions to set ECDSA_METHOD structure. · 94c2f77a
  Dr. Stephen Henson authored Sep 18, 2013
```
Add various functions to allocate and set the fields of an ECDSA_METHOD
structure.
```
  94c2f77a
Sep 16, 2013

Fix overly lenient comparisons: · ca567a03

Bodo Moeller authored Sep 16, 2013

    - EC_GROUP_cmp shouldn't consider curves equal just because
      the curve name is the same. (They really *should* be the same
      in this case, but there's an EC_GROUP_set_curve_name API,
      which could be misused.)

    - EC_POINT_cmp shouldn't return 0 for ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
      or EC_R_INCOMPATIBLE_OBJECTS errors because in a cmp API, 0 indicates
      equality (not an error).

    Reported by: king cope

ca567a03

Sep 15, 2013
- crypto/armcap.c: fix typo in rdtsc subroutine. · 8e52a906
  Andy Polyakov authored Sep 15, 2013
```
PR: 3125
Submitted by: Kyle McMartin
```
  8e52a906
- bsaes-armv7.pl: remove partial register operations in CTR subroutine. · 612f4e23
  Andy Polyakov authored Sep 15, 2013
  
  612f4e23
- bsaes-armv7.pl: remove byte order dependency and minor optimization. · 29f41e8a
  Andy Polyakov authored Sep 15, 2013
  
  29f41e8a
- Added support for ARM/NEON based bit sliced AES in XTS mode · a2ea9f3e
  Ard Biesheuvel authored Aug 05, 2013
```
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
```
  a2ea9f3e
Sep 10, 2013
- Constification. · edf92f1c
  Ben Laurie authored Sep 10, 2013
  
  edf92f1c
Sep 09, 2013
- crypto/modes/asm/aesni-gcm-x86_64.pl: minor optimization. · 7a1a1223
  Andy Polyakov authored Sep 09, 2013
```
Avoid occasional up to 8% performance drops.
```
  7a1a1223
- crypto/bn/asm/x86_64-mont.pl: minor optimization. · 72a15870
  Andy Polyakov authored Sep 09, 2013
  
  72a15870
Sep 08, 2013

Partial path fix. · 52073b76

Dr. Stephen Henson authored Sep 08, 2013

When verifying a partial path always check to see if the EE certificate
is explicitly trusted: the path could contain other untrusted certificates.

52073b76

Sep 06, 2013

Add callbacks supporting generation and retrieval of supplemental data... · 36086186

Scott Deboy authored Jun 18, 2013

Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions)
Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API
Tests exercising the new supplemental data registration and callback api can be found in ssltest.c.
Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation.

36086186

Sep 05, 2013
- misspellings fixes by https://github.com/vlajos/misspell_fixer · 478b50cf
  Veres Lajos authored Jun 13, 2013
  
  478b50cf
Aug 21, 2013
- Fix compile errors. · a0aaa566
  Ben Laurie authored Aug 21, 2013
  
  a0aaa566
Aug 17, 2013
- Make no-ec compilation work. · 14536c8c
  Dr. Stephen Henson authored Aug 17, 2013
  
  14536c8c
Aug 06, 2013

Fix for PEM_X509_INFO_read_bio. · 5ae8d6bc

Kaspar Brand authored Aug 06, 2013

PR: 3028
Fix bug introduced in PEM_X509_INFO_bio which wouldn't process RSA keys
correctly if they appeared first.

5ae8d6bc

Aug 05, 2013
- CMS RFC2631 X9.42 DH enveloped data support. · bd59f2b9
  Dr. Stephen Henson authored Jul 20, 2013
  
  bd59f2b9
- Add KDF for DH. · dc1ce3bc
  Dr. Stephen Henson authored Jul 30, 2013
```
Add X9.42 DH KDF. Move sharedinfo generation code to CMS library as the
same structure is used by DH and ECDH.

Move ASN1_OBJECT typedef to ossl_typ.h so it can be picked up by dh headers
without the need to use ASN1.
```
  dc1ce3bc
- Extend DH parameter generation support. · 39090878
  Dr. Stephen Henson authored Jul 31, 2013
```
Add support for DH parameter generation using DSA methods including
FIPS 186-3.
```
  39090878
- Enhance DH dup functions. · d3cc91ee
  Dr. Stephen Henson authored Jul 20, 2013
```
Make DHparams_dup work properly with X9.42 DH parameters.
```
  d3cc91ee
- If present print j, seed and counter values for DH · c9577ab5
  Dr. Stephen Henson authored Aug 02, 2013
  
  c9577ab5
- Minor optimisation to KDF algorithm. · 3f6b6f0b
  Dr. Stephen Henson authored Aug 01, 2013
```
Don't need to use temporary buffer if remaining length equals digest length.
```
  3f6b6f0b
- Algorithm parameter support. · e61f5d55
  Dr. Stephen Henson authored Aug 05, 2013
```
Check and set AlgorithmIdenfier parameters for key wrap algorithms.
Currently these just set parameters to NULL.
```
  e61f5d55
Aug 03, 2013
- crypto/evp/e_aes.c: fix logical pre-processor bug and formatting. · a59f4362
  Andy Polyakov authored Aug 03, 2013
```
Bug would emerge when XTS is added to bsaes-armv7.pl. Pointed out by
Ard Biesheuvel of Linaro.
```
  a59f4362
- crypto/bn/asm/rsax-x86_64.pl: make it work on Darwin. · fd8ad019
  Andy Polyakov authored Aug 03, 2013
  
  fd8ad019
Jul 31, 2013
- crypto/sha/asm/sha*-x86_64.pl: comply with Win64 ABI. · 00678437
  Andy Polyakov authored Jul 31, 2013
  
  00678437
Jul 19, 2013

Make ecdsatest work with nonces. · 584ac221

Dr. Stephen Henson authored Jul 19, 2013

Update ecdsatest to use ECDSA_sign_setup and ECDSA_sign_ex, this
avoids the nonce generation which would otherwise break the test.

Reinstate ecdsatest.

584ac221