- Apr 22, 2004
-
-
Dr. Stephen Henson authored
PR:870
-
Dr. Stephen Henson authored
Due to the changes in CA.pl in 0.9.8 (use of -self_sign) a slightly different technique is used to ensure that 'ca' uses the next serial number. It now initializes the serial number using 'openssl x509 -next_serial'.
-
- Apr 21, 2004
-
-
Geoff Thorpe authored
some similar code elsewhere. Thanks to Francesco Petruzzi for bringing this to my attention.
-
- Apr 15, 2004
-
-
Dr. Stephen Henson authored
-
- Apr 13, 2004
-
-
Dr. Stephen Henson authored
-
cvs2svn authored
'OpenSSL_0_9_7-stable'.
-
Dr. Stephen Henson authored
-
- Apr 02, 2004
-
-
Richard Levitte authored
PR: 868
-
Geoff Thorpe authored
-
Geoff Thorpe authored
-
- Apr 01, 2004
-
-
Dr. Stephen Henson authored
-
- Mar 31, 2004
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Mar 29, 2004
-
-
Richard Levitte authored
make update
-
- Mar 28, 2004
-
-
Andy Polyakov authored
available compiler versions generated bogus machine code trying to compile new crypto/des/cfb_enc.c. Secondly, 8th version defines __GNUC__ macro, but fails to compile *some* inline assembler correctly. Note that all versions of icc implement MSC-like _lrot[rl] intrinsic, which is used now instead of offensive asm. Finally, unnecessary linker dependencies are eliminated. Most notably dependency from libirc.a caused trouble at application start-up, if libcrypto.so is linked with -Bsymbolic (which it is).
-
Dr. Stephen Henson authored
appropriate form, for example correct DES parity. Update S/MIME code and EVP_SealInit to use new functions. PR: 700
-
Dr. Stephen Henson authored
make update
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Mar 27, 2004
-
-
Dr. Stephen Henson authored
verified structure can contain its own CRLs (such as PKCS#7 signedData). Tidy up some of the verify code.
-
Dr. Stephen Henson authored
-
- Mar 26, 2004
-
-
Dr. Stephen Henson authored
-
- Mar 25, 2004
-
-
Dr. Stephen Henson authored
-
Richard Levitte authored
the symbol name).
-
Richard Levitte authored
in the middle of the code on Windows, and that disrupts operations in functions later that use rename()... PR: 853
-
Richard Levitte authored
in the middle of the code on Windows, and that disrupts operations in functions later that use rename()... PR: 853
-
Richard Levitte authored
PR: 854
-
Richard Levitte authored
PR: 854
-
Richard Levitte authored
PR: 856
-
Richard Levitte authored
PR: 856
-
Richard Levitte authored
-
Richard Levitte authored
doule as last argument.
-
Richard Levitte authored
-
Dr. Stephen Henson authored
I'll remember to try to compile this with warnings enabled next time :-)
-
Dr. Stephen Henson authored
-
Geoff Thorpe authored
locally initialising their own. NB: I've removed the "BN_clear_free()" loops for the exit-paths in some of these functions, and that may be a major part of the performance improvements we're seeing. The "free" part can be removed because we're using BN_CTX. The "clear" part OTOH can be removed because BN_CTX destruction automatically performs this task, so performing it inside functions that may be called repeatedly is wasteful. This is currently safe within openssl due to the fact that BN_CTX objects are never created for longer than a single high-level operation. However, that is only because there's currently no mechanism in openssl for thread-local storage. Beyond that, this might be an issue for applications using the bignum API directly and caching their own BN_CTX objects. The solution is to introduce a flag to BN_CTX_start() that allows its variables to be automatically sanitised on release during BN_CTX_end(). This way any higher-level function (and perhaps the application) can specify this flag in its own BN_CTX_start()/BN_CTX_end() pair, and this will cause inner-loop functions specifying the flag to be ignored so that sanitisation is handled only once back out at the higher level. I will be implementing this in the near future.
-
Geoff Thorpe authored
little TODO list in there as well as the debugging code (only enabled if BN_CTX_DEBUG is defined). I'd appreciate as much review and testing as can be spared for this. I'll commit some changes to other parts of the bignum code shortly to make better use of this implementation (no more fixed size limitations). Note also that under identical optimisations, I'm seeing a noticable speed increase over openssl-0.9.7 - so any feedback to confirm/deny this on other systems would also be most welcome.
-
Geoff Thorpe authored
curves. Submitted by: Nils Larsch
-
Geoff Thorpe authored
already built and tested.
-
Geoff Thorpe authored
operations no longer require two distinct BN_CTX structures. This may put more "strain" on the current BN_CTX implementation (which has a fixed limit to the number of variables it will hold), but so far this limit is not triggered by any of the tests pass and I will be changing BN_CTX in the near future to avoid this problem anyway. This also changes the default RSA implementation code to use the BN_CTX in favour of initialising some of its variables locally in each function.
-