Loading CHANGES +14 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,20 @@ Changes between 0.9.8e and 0.9.8f [xx XXX xxxx] *) Add the Korean symmetric 128-bit cipher SEED (see http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp) and add SEED ciphersuites from RFC 4162: TLS_RSA_WITH_SEED_CBC_SHA = "SEED-SHA" TLS_DHE_DSS_WITH_SEED_CBC_SHA = "DHE-DSS-SEED-SHA" TLS_DHE_RSA_WITH_SEED_CBC_SHA = "DHE-RSA-SEED-SHA" TLS_DH_anon_WITH_SEED_CBC_SHA = "ADH-SEED-SHA" To minimize changes between patchlevels in the OpenSSL 0.9.8 series, SEED remains excluded from compilation unless OpenSSL is configured with 'enable-seed'. [KISA, Bodo Moeller] *) Mitigate branch prediction attacks, which can be practical if a single processor is shared, allowing a spy process to extract information. For detailed background information, see Loading Configure +5 −4 Original line number Diff line number Diff line Loading @@ -605,6 +605,7 @@ my %disabled = ( # "what" => "comment" "mdc2" => "default", "rc5" => "default", "rfc3779" => "default", "seed" => "default", "shared" => "default", "zlib" => "default", "zlib-dynamic" => "default" Loading @@ -615,7 +616,7 @@ my %disabled = ( # "what" => "comment" # For symmetry, "disable-..." is a synonym for "no-...". # This is what $depflags will look like with the above default: my $default_depflags = "-DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 "; my $default_depflags = "-DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED "; my $no_sse2=0; Loading Makefile.org +1 −1 Original line number Diff line number Diff line Loading @@ -111,7 +111,7 @@ SHLIBDIRS= crypto ssl SDIRS= \ objects \ md2 md4 md5 sha mdc2 hmac ripemd \ des aes rc2 rc4 rc5 idea bf cast camellia \ des aes rc2 rc4 rc5 idea bf cast camellia seed \ bn ec rsa dsa ecdsa dh ecdh dso engine \ buffer bio stack lhash rand err \ evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \ Loading apps/dsa.c +4 −0 Original line number Diff line number Diff line Loading @@ -87,6 +87,7 @@ * -camellia128 - encrypt output if PEM format * -camellia192 - encrypt output if PEM format * -camellia256 - encrypt output if PEM format * -seed - encrypt output if PEM format * -text - print a text version * -modulus - print the DSA public key */ Loading Loading @@ -218,6 +219,9 @@ bad: #ifndef OPENSSL_NO_CAMELLIA BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n"); BIO_printf(bio_err," encrypt PEM output with cbc camellia\n"); #endif #ifndef OPENSSL_NO_SEED BIO_printf(bio_err," -seed encrypt PEM output with cbc seed\n"); #endif BIO_printf(bio_err," -text print the key in text\n"); BIO_printf(bio_err," -noout don't print key out\n"); Loading apps/gendsa.c +8 −0 Original line number Diff line number Diff line Loading @@ -140,6 +140,10 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"-idea") == 0) enc=EVP_idea_cbc(); #endif #ifndef OPENSSL_NO_SEED else if (strcmp(*argv,"-seed") == 0) enc=EVP_seed_cbc(); #endif #ifndef OPENSSL_NO_AES else if (strcmp(*argv,"-aes128") == 0) enc=EVP_aes_128_cbc(); Loading Loading @@ -178,6 +182,10 @@ bad: #ifndef OPENSSL_NO_IDEA BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n"); #endif #ifndef OPENSSL_NO_SEED BIO_printf(bio_err," -seed\n"); BIO_printf(bio_err," encrypt PEM output with cbc seed\n"); #endif #ifndef OPENSSL_NO_AES BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); Loading Loading
CHANGES +14 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,20 @@ Changes between 0.9.8e and 0.9.8f [xx XXX xxxx] *) Add the Korean symmetric 128-bit cipher SEED (see http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp) and add SEED ciphersuites from RFC 4162: TLS_RSA_WITH_SEED_CBC_SHA = "SEED-SHA" TLS_DHE_DSS_WITH_SEED_CBC_SHA = "DHE-DSS-SEED-SHA" TLS_DHE_RSA_WITH_SEED_CBC_SHA = "DHE-RSA-SEED-SHA" TLS_DH_anon_WITH_SEED_CBC_SHA = "ADH-SEED-SHA" To minimize changes between patchlevels in the OpenSSL 0.9.8 series, SEED remains excluded from compilation unless OpenSSL is configured with 'enable-seed'. [KISA, Bodo Moeller] *) Mitigate branch prediction attacks, which can be practical if a single processor is shared, allowing a spy process to extract information. For detailed background information, see Loading
Configure +5 −4 Original line number Diff line number Diff line Loading @@ -605,6 +605,7 @@ my %disabled = ( # "what" => "comment" "mdc2" => "default", "rc5" => "default", "rfc3779" => "default", "seed" => "default", "shared" => "default", "zlib" => "default", "zlib-dynamic" => "default" Loading @@ -615,7 +616,7 @@ my %disabled = ( # "what" => "comment" # For symmetry, "disable-..." is a synonym for "no-...". # This is what $depflags will look like with the above default: my $default_depflags = "-DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 "; my $default_depflags = "-DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED "; my $no_sse2=0; Loading
Makefile.org +1 −1 Original line number Diff line number Diff line Loading @@ -111,7 +111,7 @@ SHLIBDIRS= crypto ssl SDIRS= \ objects \ md2 md4 md5 sha mdc2 hmac ripemd \ des aes rc2 rc4 rc5 idea bf cast camellia \ des aes rc2 rc4 rc5 idea bf cast camellia seed \ bn ec rsa dsa ecdsa dh ecdh dso engine \ buffer bio stack lhash rand err \ evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \ Loading
apps/dsa.c +4 −0 Original line number Diff line number Diff line Loading @@ -87,6 +87,7 @@ * -camellia128 - encrypt output if PEM format * -camellia192 - encrypt output if PEM format * -camellia256 - encrypt output if PEM format * -seed - encrypt output if PEM format * -text - print a text version * -modulus - print the DSA public key */ Loading Loading @@ -218,6 +219,9 @@ bad: #ifndef OPENSSL_NO_CAMELLIA BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n"); BIO_printf(bio_err," encrypt PEM output with cbc camellia\n"); #endif #ifndef OPENSSL_NO_SEED BIO_printf(bio_err," -seed encrypt PEM output with cbc seed\n"); #endif BIO_printf(bio_err," -text print the key in text\n"); BIO_printf(bio_err," -noout don't print key out\n"); Loading
apps/gendsa.c +8 −0 Original line number Diff line number Diff line Loading @@ -140,6 +140,10 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"-idea") == 0) enc=EVP_idea_cbc(); #endif #ifndef OPENSSL_NO_SEED else if (strcmp(*argv,"-seed") == 0) enc=EVP_seed_cbc(); #endif #ifndef OPENSSL_NO_AES else if (strcmp(*argv,"-aes128") == 0) enc=EVP_aes_128_cbc(); Loading Loading @@ -178,6 +182,10 @@ bad: #ifndef OPENSSL_NO_IDEA BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n"); #endif #ifndef OPENSSL_NO_SEED BIO_printf(bio_err," -seed\n"); BIO_printf(bio_err," encrypt PEM output with cbc seed\n"); #endif #ifndef OPENSSL_NO_AES BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); Loading
