summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2004-07-13errno changes, lib major version bumps, and general flag dayMarco S Hyman
To build you must: cd /usr/src && make obj && make includes cd lib/libc && make depend && make && NOMAN=1 sudo make install cd /usr/src && make build
2004-06-15machdep.xcrypt now has a different meaning: Instead of > 0 indicatingTheo de Raadt
that AES is there, we now have 3 flag bits: C3_HAS_AES, C3_HAS_SHA (SHA1 & SHA256), and C3_HAS_MM (RSA). Change this code to only look at C3_HAS_AES for now.
2004-04-25update missing pieces from 0.9.7d; ok henningMarkus Friedl
crank minor for API extensions
2004-04-25from openssl, 1.50.2.9, make S/MIME encrypt work again.Markus Friedl
2004-04-08backout for nowMarkus Friedl
2004-04-08merge 0.9.7dMarkus Friedl
2004-04-07import openssl-0.9.7dMarkus Friedl
2004-03-22Unbreak rmd160. Was broken on sparc64 when compiled with gcc3. Fix and reportHans-Joerg Hoexer
by Simon Kellner. XXX This is only a temporary work-around and we still need a REAL fix for XXX this issue. Testing on different archs by marc@ tdvall@ millert@ otto@ ho@ miod@ hshoexer@ ok deraadt@
2004-03-21Insert missing ABORT if EC_GROUP_copy() fails.Tom Cosgrove
ok markus@
2004-03-17return(00); -> return(0); markus@ okAaron Campbell
2004-03-17out-of-bounds read in (unused) kerberos ciphersuites (CAN-2004-0112)Markus Friedl
2004-03-17avoid null-pointer deref (aka CAN-2004-0079)Markus Friedl
see http://www.openssl.org/news/secadv_20040317.txt
2004-02-13Cleanup and shrink ACSS_KEY a bit. Thus crank library minor.Hans-Joerg Hoexer
Change cipher modes to more generic names and add an additional mode. ok deraadt@ markus@
2004-02-04remove some debug code and cleanup..Theo de Raadt
2004-02-03OK, this time the AES soft keys work with ssh and such. I spent over 3Theo de Raadt
hours learning that OpenSSL's internal functions for AES extended keys generate screwy byte order swapped data..
2004-02-03oops, software key gen bugTheo de Raadt
2004-02-03Switch to using software generated extended keys (because the cpu cannotTheo de Raadt
yet generate 192 & 256 bit keys). Ensure that 192 and 256 are in the nids table. This also accelerates performance for 128 a tiny bit: type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-128-cbc 34921.48k 129617.82k 362059.93k 623649.81k 790397.77k aes-192-cbc 26227.43k 99215.33k 283242.84k 509881.15k 665323.22k aes-256-cbc 26133.22k 97458.06k 265990.84k 457824.69k 579835.09k
2004-02-03If on an i386, detect existance of the VIA C3 xcrypt-* using sysctl ofTheo de Raadt
the machdep.xcrypt node. If they exist, use the xcrypt-cbc instruction to accelerate aes-{128,192,256}-cbc, for more than 100x performance increase. This code has no effect on any cpu... Tested thus far using openssl speed command, and of course, ssh. 778MB/sec AES-128-CBC performance at 8192 byte block size.
2004-01-23Use correct cvs id string.Hans-Joerg Hoexer
ok deraadt@
2004-01-23remove junk return at endTheo de Raadt
2004-01-23enable acss.Hans-Joerg Hoexer
ok @deraadt @markus Also bump minor version. ok @deraadt
2004-01-23evp api and manual page for acssHans-Joerg Hoexer
ok deraadt@ markus@
2004-01-23Add acss to libcrypto.Hans-Joerg Hoexer
ok deraadt@ markus@
2003-11-18use bn_asm_vax.S (from netbsd); test + ok by miodMarkus Friedl
use asm code for i386, except for the CBC code, because it is not clean PIC code. add <machime/asm.h> support to x86unix.pl tested by: nick (on 30386), henning, djm, tedu, jmc and more; no shlib minor crank necessary, only internal symbols changed.
2003-11-13remove obsolete filesMarkus Friedl
2003-11-11merge 0.9.7c; minor bugsfixes;Markus Friedl
API addition: ERR_release_err_state_table [make includes before you build libssl/libcrypto]
2003-11-11import 0.9.7cMarkus Friedl
2003-11-11import 0.9.7cMarkus Friedl
2003-10-25don't destroy old pointer if realloc fails; from Daniel Lucq; ok deraadt@Markus Friedl
2003-10-01Correct some off-by-ones. They currently don't matter, but thisChad Loder
is for future safety and consistency. OK krw@, markus@
2003-09-30more fixes from 0.9.7c, ok deraadt, cloderMarkus Friedl
2003-09-30security fix from http://www.openssl.org/news/secadv_20030930.txtMarkus Friedl
see also http://cvs.openssl.org/chngview?cn=11471
2003-09-29Revert BN_cmp() change. Its arguments are const. Spotted by miod@.Otto Moerbeek
ok deraadt@
2003-09-25Return immediately if argument to BN_sub_word is zero.Otto Moerbeek
ok markus@ deraadt@
2003-09-25Use BN_is_zero(), not x->top == 0 to test if a BN is zero.Otto Moerbeek
ok markus@ deraadt@
2003-09-25Add extra calls to bn_fix_top() in BN_cmp(), since some functions mayOtto Moerbeek
leave an invalid BN. ok markus@ deraadt@
2003-08-25You shall NOT BREAK THE TREETheo de Raadt
2003-08-25Setup /dev/crypto early (SSL_library_init) to make sure it's actually doneJason Wright
for all applications; ok markus and deraadt
2003-08-21Do not produce a corrupt BIGNUM when adding 0 to 0 using BN_add_word().Otto Moerbeek
ok markus@
2003-08-07support AES with 192 and 256 bit keys, too.Markus Friedl
tested with kern.cryptodevallowsoft=1; ok deraadt@
2003-08-06Remove some double semicolons (hmm, do two semis equal a maxi?).Todd C. Miller
I've skipped the GNU stuff for now. From Patrick Latifi.
2003-06-13obsoleteMarkus Friedl
2003-06-03nuke term 3, since we're all in ~deraadt/terms and I clued in now.Bob Beck
2003-05-12merge 0.9.7b with local changes; crank majors for libssl/libcryptoMarkus Friedl
2003-05-11import 0.9.7b (without idea and rc5)Markus Friedl
2003-04-08remove printf("bar\n");Markus Friedl
2003-04-06sprintf->snprintf. deraadt@ suggestions and okHakan Olsson
2003-04-05Trivial sprintf() -> snprintf() changes. ok deraadt@Hakan Olsson
2003-04-04more strcpy & sprintf murder; ho okTheo de Raadt
2003-04-03Correct off-by-one error in previous commit. millert@ ok.Hakan Olsson