Commits · ce876d8316409542283b356d331f90e1a1dfb853 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Feb 27, 2014
- perlasm/x86gas.pl: limit special OPENSSL_ia32cap_P treatment to ELF. · ce876d83
  Andy Polyakov authored Feb 27, 2014
  
  ce876d83
- rc4/asm/rc4-586.pl: allow for 386-only build. · f861b1d4
  Andy Polyakov authored Feb 27, 2014
  
  f861b1d4
- des/asm/des-586.pl: shortcut reference to DES_SPtrans. · fd361a67
  Andy Polyakov authored Feb 27, 2014
  
  fd361a67
Feb 26, 2014
- CABForum EV OIDs for Subject Jurisdiction of Incorporation or Registration. · 52f71f81
  Rob Stradling authored Feb 25, 2014
  
  52f71f81
- Fix for WIN32 builds with KRB5 · 031ea2d1
  Dr. Stephen Henson authored Feb 26, 2014
```
(cherry picked from commit 3eddd1706a30cdf3dc9278692d8ee9038eac8a0d)
```
  031ea2d1
- sha/asm/sha256-586.pl: don't try to compile SIMD with no-sse2. · d49135e7
  Andy Polyakov authored Feb 26, 2014
  
  d49135e7
- sha/asm/sha512-x86_64.pl: fix compilation error on Solaris. · 147cca8f
  Andy Polyakov authored Feb 26, 2014
  
  147cca8f
- Configure: blended processor target in solaris-x86-cc. · 7bb9d84e
  Andy Polyakov authored Feb 26, 2014
  
  7bb9d84e
Feb 25, 2014
- ssl/t1_enc.c: check EVP_MD_CTX_copy return value. · 03da57fe
  Andy Polyakov authored Feb 25, 2014
```
PR: 3201
```
  03da57fe
- aes/asm/vpaes-ppc.pl: fix traceback info. · e704741b
  Andy Polyakov authored Feb 25, 2014
  
  e704741b
- Don't use BN_ULLONG in n2l8 use SCTS_TIMESTAMP. · e0520c65
  Dr. Stephen Henson authored Feb 25, 2014
```
(cherry picked from commit 3678161d)
```
  e0520c65
- Fix for v3_scts.c · 3a325c60
  Dr. Stephen Henson authored Feb 25, 2014
```
Not all platforms define BN_ULLONG. Define SCTS_TIMESTAMP as a type
which should work on all platforms.
(cherry picked from commit 66344167)
```
  3a325c60
- Add -show_chain option to print out verified chain. · 86a2f966
  Dr. Stephen Henson authored Feb 25, 2014
  
  86a2f966
- Avoid Windows 8 Getversion deprecated errors. · a4cc3c80
  Dr. Stephen Henson authored Feb 25, 2014
```
Windows 8 SDKs complain that GetVersion() is deprecated.

We only use GetVersion like this:

	(GetVersion() < 0x80000000)

which checks if the Windows version is NT based. Use a macro check_winnt()
which uses GetVersion() on older SDK versions and true otherwise.
```
  a4cc3c80
- Parse non-v1 SCTs less awkwardly. · 19f65ddb
  Rob Stradling authored Feb 25, 2014
  
  19f65ddb
Feb 24, 2014
- ms/do_win64a.bat: forward to NUL, not NUL:. · 63aff300
  Andy Polyakov authored Feb 24, 2014
```
Allegedly formwarding to NUL: sometimes creates NUL file in file
system.

PR: 3250
```
  63aff300
- BC-32.pl: refresh Borland C support. · 779c51c6
  Andy Polyakov authored Feb 24, 2014
```
PR: 3251
Suggested by: Thorsten Schning
```
  779c51c6
- x509/by_dir.c: fix run-away pointer (and potential SEGV) · 758954e0
  Andy Polyakov authored Feb 24, 2014
```
when adding duplicates in add_cert_dir.

PR: 3261
Reported by: Marian Done
```
  758954e0
- config: recognize ARMv8/AArch64 target. · d099f0ed
  Andy Polyakov authored Feb 24, 2014
  
  d099f0ed
Feb 23, 2014

Only set current certificate to valid values. · 358d352a
Dr. Stephen Henson authored Feb 23, 2014
```
When setting the current certificate check that it has a corresponding
private key.
```
358d352a

Dr. Stephen Henson authored Feb 23, 2014

New flags to build certificate chains. The can be used to rearrange
the chain so all an application needs to do is add all certificates
in arbitrary order and then build the chain to check and correct them.

Add verify error code when building chain.

Update docs.

13dc3ce9

Feb 21, 2014
- Option to set current cert to server certificate. · daddd9a9
  Dr. Stephen Henson authored Feb 21, 2014
  
  daddd9a9
- aes/asm/aesni-x86[_64].pl: minor Atom-specific performance tweak. · 214368ff
  Andy Polyakov authored Feb 21, 2014
  
  214368ff
Feb 20, 2014
- fix WIN32 warnings · 47739161
  Dr. Stephen Henson authored Feb 20, 2014
```
(cherry picked from commit b709f8ef)
```
  47739161
- make depend · 8764e863
  Dr. Stephen Henson authored Feb 20, 2014
  
  8764e863
- Move CT viewer extension code to crypto/x509v3 · ded18639
  Dr. Stephen Henson authored Feb 20, 2014
  
  ded18639
Feb 19, 2014
- make depend · 4cfeb00b
  Dr. Stephen Henson authored Feb 19, 2014
  
  4cfeb00b
- Remove references to o_time.h · 84917787
  Dr. Stephen Henson authored Feb 19, 2014
  
  84917787
- Move gmtime functions to crypto.h. · ff49a944
  Ben Laurie authored Feb 19, 2014
  
  ff49a944
- Make i2r_sctlist static. · e91fb53b
  Ben Laurie authored Feb 19, 2014
  
  e91fb53b
- Reverse export of o_time.h. · c0482547
  Ben Laurie authored Feb 19, 2014
  
  c0482547
- Merge branch 'sct-viewer-master' of https://github.com/robstradling/openssl into sct-viewer · 765e9ba9
  Ben Laurie authored Feb 19, 2014
  
  765e9ba9
- Move the SCT List extension parser into libssl. · b263f212
  Rob Stradling authored Feb 19, 2014
```
Add the extension parser in the s_client, ocsp and x509 apps.
```
  b263f212
Feb 18, 2014
- Don't use CRYPTO_AES_CTR if it isn't defined. · 6ecbc2bb
  Dr. Stephen Henson authored Feb 18, 2014
  
  6ecbc2bb
Feb 16, 2014

Restore SSL_OP_MSIE_SSLV2_RSA_PADDING · 3c6c139a

Dr. Stephen Henson authored Jan 04, 2014

The flag SSL_OP_MSIE_SSLV2_RSA_PADDING hasn't done anything since OpenSSL
0.9.7h but deleting it will break source compatibility with any software
that references it. Restore it but #define to zero.
(cherry picked from commit b17d6b8d)

3c6c139a

Feb 15, 2014
- Don't use getcwd in non-copy builds. · f3a39032
  Dr. Stephen Henson authored Feb 15, 2014
  
  f3a39032
- Remove duplicate statement. · 5a7652c3
  Dr. Stephen Henson authored Feb 15, 2014
  
  5a7652c3
- Add support for aes-128/192/256-ctr to the cryptodev engine. · be2c4d9b
  Klaus-Peter Junghanns authored Jan 28, 2014
```
This can be used to speed up SRTP with libsrtp, e.g. on TI omap/sitara based devices.
```
  be2c4d9b
Feb 14, 2014

Show the contents of the RFC6962 Signed Certificate Timestamp List Certificate/OCSP Extensions. · dcfe8df1
Rob Stradling authored Feb 14, 2014
```
Add the RFC6962 OIDs to the objects table.
```
dcfe8df1

Use defaults bits in req when not given · 33432203

Kurt Roeckx authored Dec 23, 2013

If you use "-newkey rsa" it's supposed to read the default number of bits from the
config file.  However the value isn't used to generate the key, but it does
print it's generating such a key.  The set_keygen_ctx() doesn't call
EVP_PKEY_CTX_set_rsa_keygen_bits() and you end up with the default set in
pkey_rsa_init() (1024).  Afterwards the number of bits gets read from the config
file, but nothing is done with that anymore.

We now read the config first and use the value from the config file when no size
is given.

PR: 2592

33432203