Commits · c7dc40418819338b17b875b255227320bcb30ecb · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Sep 09, 2013
- crypto/modes/asm/aesni-gcm-x86_64.pl: minor optimization. · c7dc4041
  Andy Polyakov authored Sep 09, 2013
```
Avoid occasional up to 8% performance drops.
(cherry picked from commit 7a1a1223)
```
  c7dc4041
- crypto/bn/asm/x86_64-mont.pl: minor optimization. · 08853158
  Andy Polyakov authored Sep 09, 2013
```
(cherry picked from commit 72a15870)
```
  08853158
- Revert "x86cpuid.pl: fix extended feature flags detection." · 74e01876
  Andy Polyakov authored Sep 09, 2013
```
This reverts commit 514f1a78.
```
  74e01876
Sep 08, 2013

Remove ancient PATENTS section and FAQ reference. · bb4aa95c
Dr. Stephen Henson authored Sep 08, 2013
```
(cherry picked from commit ce455596)
```
bb4aa95c

Dr. Stephen Henson authored Sep 08, 2013

When verifying a partial path always check to see if the EE certificate
is explicitly trusted: the path could contain other untrusted certificates.
(cherry picked from commit 52073b76)

5117d50b

Sep 03, 2013
- Document supported curve functions. · 593605d3
  Dr. Stephen Henson authored Sep 03, 2013
```
(cherry picked from commit c3eb3376)
```
  593605d3
Aug 21, 2013
- Document -force_pubkey option. · c9ea4df8
  Dr. Stephen Henson authored Aug 21, 2013
```
(cherry picked from commit b093a06866bf632a97a9a0286e2d08f69c3cf7dd)
```
  c9ea4df8
Aug 20, 2013
- Correct ECDSA example. · 89ff56fa
  Dr. Stephen Henson authored Aug 20, 2013
```
(cherry picked from commit 3a918ea2bbf4175d9461f81be1403d3781b2c0dc)
```
  89ff56fa
Aug 19, 2013
- fix printout of expiry days if -enddate is used in ca · 9855026c
  Dr. Stephen Henson authored Nov 20, 2012
```
(cherry picked from commit f7ac0ec8)
```
  9855026c
- Time difference functions. · 904348a4
  Dr. Stephen Henson authored Nov 19, 2012
```
Backport of ASN1_TIME_diff and OPENSSL_gmtime_diff functions from master
branch.
```
  904348a4
- new command line option -stdname to ciphers utility · aaaa1839
  Dr. Stephen Henson authored Nov 16, 2012
```
(cherry picked from commit 51b9115b)
```
  aaaa1839
- Add new test option set the version in generated certificates: this · 8c33e40d
  Dr. Stephen Henson authored Nov 30, 2012
```
is needed to test some profiles/protocols which reject certificates
with unsupported versions.
(cherry picked from commit df316fd4)
```
  8c33e40d
- option to output corrupted signature in certificates for testing purposes · 0d04af1e
  Dr. Stephen Henson authored Nov 25, 2012
```
(cherry picked from commit 96cfba0f)
```
  0d04af1e
- update usage messages · 8f174958
  Dr. Stephen Henson authored Nov 19, 2012
```
(cherry picked from commit 7c8ac505)
```
  8f174958
- add -naccept <n> option to s_server to automatically exit after <n> connections · 95c1a248
  Dr. Stephen Henson authored Nov 18, 2012
```
(cherry picked from commit b5cadfb5)
```
  95c1a248
- with -rev close connection if client sends "CLOSE" · 08374de1
  Dr. Stephen Henson authored Nov 19, 2012
```
(cherry picked from commit 68575593)
```
  08374de1
- Add simple external session cache to s_server. This serialises sessions · 506e70a2
  Dr. Stephen Henson authored Aug 19, 2013
```
just like a "real" server making it easier to trace any problems.

(manually applied from commit 35b0ea4e)
```
  506e70a2
- Remove commented out debug line. · 0cca92cd
  Dr. Stephen Henson authored Aug 19, 2013
  
  0cca92cd
- Make no-ec compilation work. · 5b430cfc
  Dr. Stephen Henson authored Aug 17, 2013
```
(cherry picked from commit 14536c8c)
```
  5b430cfc
- Add -rev test option to s_server to just reverse order of characters received · 171c4da5
  Dr. Stephen Henson authored Sep 14, 2012
```
by client and send back to server. Also prints an abbreviated summary of
the connection parameters.
(cherry picked from commit 4f3df8be)
```
  171c4da5
- Add -brief option to s_client and s_server to summarise connection details. · 04611fb0
  Dr. Stephen Henson authored Aug 19, 2013
```
New option -verify_quiet to shut up the verify callback unless there is
an error.

(manually applied from commit 2a7cbe77)
```
  04611fb0
Aug 18, 2013

Add documentation. · df430489

Dr. Stephen Henson authored Aug 16, 2013

Preliminary documentation for chain and verify stores and certificate chain
setting functions.
(cherry picked from commit eeb15452)

df430489

Return 1 when setting ECDH auto mode. · 5085e57f
Dr. Stephen Henson authored Aug 17, 2013
```
(cherry picked from commit 42082eda)
```
5085e57f

Aug 13, 2013

DTLS message_sequence number wrong in rehandshake ServerHello · 75b81247

Michael Tuexen authored Aug 13, 2013

This fix ensures that
* A HelloRequest is retransmitted if not responded by a ClientHello
* The HelloRequest "consumes" the sequence number 0. The subsequent
ServerHello uses the sequence number 1.
* The client also expects the sequence number of the ServerHello to
be 1 if a HelloRequest was received earlier.
This patch fixes the RFC violation.
(cherry picked from commit b62f4daa)

75b81247

Aug 08, 2013

DTLS handshake fix. · 2c1a5c10

Michael Tuexen authored Aug 08, 2013

Reported by: Prashant Jaikumar <rmstar@gmail.com>

Fix handling of application data received before a handshake.
(cherry picked from commit 0c75eeac)

2c1a5c10

Aug 06, 2013

Fix verify loop with CRL checking. · 71c34b7f

Dr. Stephen Henson authored Jul 12, 2013

PR #3090
Reported by: Franck Youssef <fry@open.ch>

If no new reason codes are obtained after checking a CRL exit with an
error to avoid repeatedly checking the same CRL.

This will only happen if verify errors such as invalid CRL scope are
overridden in a callback.
(cherry picked from commit 4b26645c)

71c34b7f

Fix for PEM_X509_INFO_read_bio. · b0cfaf58

Kaspar Brand authored Aug 06, 2013

PR: 3028
Fix bug introduced in PEM_X509_INFO_bio which wouldn't process RSA keys
correctly if they appeared first.
(cherry picked from commit 5ae8d6bc)

b0cfaf58

Aug 03, 2013
- crypto/evp/e_aes.c: fix logical pre-processor bug and formatting. · 9dc07f04
  Andy Polyakov authored Aug 03, 2013
```
Bug would emerge when XTS is added to bsaes-armv7.pl. Pointed out by
Ard Biesheuvel of Linaro.
(cherry picked from commit 044f63086051d7542fa9485a1432498c39c4d8fa)
```
  9dc07f04
- crypto/bn/asm/rsax-x86_64.pl: make it work on Darwin. · f15c1620
  Andy Polyakov authored Aug 03, 2013
```
(cherry picked from commit fd8ad019)
```
  f15c1620
Jul 31, 2013
- crypto/sha/asm/sha*-x86_64.pl: comply with Win64 ABI. · 4e09add6
  Andy Polyakov authored Jul 31, 2013
```
(cherry picked from commit 00678437)
```
  4e09add6
- Cosmetic touchups. · 355a6236
  Trevor authored Jun 24, 2013
  
  355a6236
- Support new rsaz asm stuff. · 6d7fa9c2
  Ben Laurie authored Jul 12, 2013
  
  6d7fa9c2
Jul 12, 2013
- bn/asm/rsaz-avx2.pl: Windows-specific fix. · 82ae22ef
  Andy Polyakov authored Jul 12, 2013
```
(cherry picked from commit 5c57c69f)
```
  82ae22ef
- s/rsaz_eligible/rsaz_avx2_eligible/. · b56bae51
  Ben Laurie authored Jul 12, 2013
```
(cherry picked from commit 852f837f)
```
  b56bae51
Jul 10, 2013
- sha512-586.pl: fix typo. · 2d3f31e0
  Andy Polyakov authored Jul 10, 2013
```
Submitted by: Gisle Vanem
(cherry picked from commit 241fba4e)
```
  2d3f31e0
Jul 05, 2013
- Remove RSAX engine, superseded by RSAZ module. · ae74191e
  Andy Polyakov authored Jul 05, 2013
```
(cherry picked from commit f5b132d6)

Conflicts [resloved]:

	Configure
```
  ae74191e
- Take RSAZ modules into build loop, add glue and engage. · ab8233ab
  Andy Polyakov authored Jul 05, 2013
```
RT: 2582, 2850
(cherry picked from commit ca48ace5)

Conflicts:

	Configure
```
  ab8233ab
- Add RSAZ assembly modules. · d5572bdc
  Andy Polyakov authored Jul 05, 2013
```
RT: 2582, 2850
(cherry picked from commit 0b4bb91d)
```
  d5572bdc
- bn/asm/x86_86-mont.pl: optimize reduction for Intel Core family. · e3990db5
  Andy Polyakov authored Jul 05, 2013
```
(cherry picked from commit 26e43b48)
```
  e3990db5
- bn/bn_exp.c: harmonize. · 87d90528
  Andy Polyakov authored Jul 05, 2013
```
(cherry picked from commit cbce8c46)
```
  87d90528