add code for kP+lQ timings

Submitted by: Douglas Stebila <douglas.stebila@sun.com>
Reviewed by: Bodo Moeller

PR: 659

typo in 0.9.6k section

PR: 587

crypto/store/README, crypto/store/store.h and crypto/store/str_locl.h.

that uses them that I'll commit in a few days.

returns an index.

flags.

the CA certificate part of the CA database, and combined with
'unique_subject=no', it should make operations like CA certificate
roll-over easier.

subject.

enable it automatically for the built-in engine

applications if they were passing a bogus 'flags' parameter yet having
things work as they wanted anyway.

dsa_mod_exp() and bn_mod_exp() handlers from dsa_do_verify() and
dsa_sign_setup(). When another DSA_METHOD implementation does not define
these lower-level handlers, it becomes impossible to do a fallback to
software on errors using a simple DSA_OpenSSL()->fn(key).

This change allows the default DSA_METHOD to function in such circumstances
by only using dsa_mod_exp() and bn_mod_exp() handlers if they exist,
otherwise using BIGNUM implementations directly (which is what those
handlers did before this change). There should be no noticable difference
for the software case, or indeed any custom case that didn't already
segfault, except perhaps that there is now one less level of indirection in
all cases.

PR: 507

- bugfix: in ECDH_compute_key, pad x coordinate with leading zeros if necessary

the buffer pointer.

Rename PKCS7_PARTSIGN to PKCS7_STREAM.

Guess what that's for :-)

rearrange some of the other text for better readability.

when reading from a non blocking BIO.

It would incorrectly interpret retries as EOF, incorrectly
buffer initial data and have no buffering at all after initial
data (data would be sent one byte at a time to EVP_DecodeUpdate).

An advisory will be posted to the web.  Expect a release within the hour.

PR: 454