Commit message [Author, Age, Files, Lines]
* Nuke more defines - we have setvbuf() and _IONBF. [jsing, 2014-05-03, 2 files, -16/+0]
| ok deraadt@
* KNF. [jsing, 2014-05-03, 8 files, -990/+1028]
|
* Initial version of a base64 regress. [jsing, 2014-05-03, 3 files, -1/+382]
|
* Enable assembler bits for BN (Montgomery), SHA1 and SHA256. [miod, 2014-05-03, 2 files, -0/+88]
| Assembler bits for AES remain commented out as they run slower than the C code.
* Detect Altivec support with the machdep.altivec sysctl rather than setjmp and a SIGILL handler. [miod, 2014-05-03, 4 files, -204/+40]
| Do not attempt to detect and use a 64-bit FPU yet.
* Correctly enable assembler Montgomery routine. [miod, 2014-05-02, 2 files, -2/+4]
|
* More use of 64-bit registers which needs to be disabled under OpenBSD. [miod, 2014-05-02, 4 files, -0/+8]
|
* Correctly enable assembler Montgomery routine. [miod, 2014-05-02, 2 files, -2/+4]
|
* Reenable assembler code for SHA384 and SHA512 now that it no longer miscomputes things. [miod, 2014-05-02, 2 files, -6/+6]
| Worth doing as it's twice faster than the C code.
* The assembly sha512 code detects at runtime if it is running on a 64-bit processor (PA2.0) and, if so, switches to 64-bit code. [miod, 2014-05-02, 2 files, -0/+12]
| However, when running under a 32-bit OpenBSD/hppa kernel, there is no guarantee that the upper part of the registers will be preserved across context switches (or even userland->kernel boundaries), which causes this code to fail.
| Wrap the generated code within #ifndef __OpenBSD__ in that case, to avoid using the 64-bit code completely.
| (OpenBSD/hppa64, once stable, will not be affected by this)
* Simple sha{224,256,384,512} test using the FIPS 180-2 test vectors available from http://csrc.nist.gov/groups/ST/toolkit/examples.html [miod, 2014-05-02, 2 files, -2/+45]
* Disable assembler version of SHA512 for now, it produces wrong results. [miod, 2014-05-02, 2 files, -6/+6]
|
* Add ChaCha as a cipher. [jsing, 2014-05-02, 1 file, -0/+3]
| ok beck@ miod@
* remove crazy #undefs; ok jsing [deraadt, 2014-05-02, 10 files, -13/+0]
|
* Nuke OPENSSL_NO_SOCK since any half sane operating system has sockets. [jsing, 2014-05-02, 9 files, -35/+0]
| ok beck@
* Sort and group includes. We also do not need to include openssl/evp.h more than once. [jsing, 2014-05-02, 1 file, -45/+47]
| ok beck@
* Sort function prototypes and group/sort entries within the functions array. [jsing, 2014-05-02, 1 file, -237/+125]
| ok beck@
* Enable use of assembly code for AES, BN (Montgomery), SHA1, SHA256 and SHA512. [miod, 2014-05-01, 2 files, -0/+100]
| RC4 assembler code is not used, as it runs about 35% slower than the C code.
* Do not output SOM-specific directives. [miod, 2014-05-01, 14 files, -0/+80]
|
* Remove unreferenced OPENSSL_instrument_bus and OPENSSL_instrument_bus2 routines. [miod, 2014-05-01, 4 files, -210/+0]
|
* Make the implicit `l' in `impicit' explicit. [miod, 2014-05-01, 2 files, -2/+2]
|
* Enable use of the assembly code for BN (Montgomery) and SHA1. [miod, 2014-05-01, 2 files, -0/+80]
|
* Fix include filename to get register name aliases under BSD [miod, 2014-05-01, 6 files, -36/+6]
|
* Pass -Werror in the !BN_LLONG !BN_UMULT_LOHI !BN_UMULT_HIGH case. [miod, 2014-05-01, 2 files, -8/+8]
|
* Enable use of the assembly code for AES, BN, SHA1, SHA256 and SHA512. [miod, 2014-05-01, 2 files, -0/+72]
|
* dead meat [miod, 2014-05-01, 4 files, -5056/+0]
|
* tweak previous; ok sthen [jmc, 2014-05-01, 1 file, -3/+3]
|
* + e_chacha.c, and bump minor [miod, 2014-05-01, 3 files, -3/+4]
|
* Update with recently added objects. [jsing, 2014-05-01, 2 files, -0/+36]
| ok miod@
* KNF. [jsing, 2014-05-01, 1 file, -324/+296]
|
* Nuke unused evptests.txt - the real one is over in regress. [jsing, 2014-05-01, 2 files, -668/+0]
| ok miod@
* Provide an EVP implementation for ChaCha. [jsing, 2014-05-01, 14 files, -0/+233]
| ok miod@
* Add ChaCha to libcrypto, based on djb's public domain implementation. [jsing, 2014-05-01, 10 files, -2/+904]
| ok deraadt@
* Add support for the French ANSSI FRP256v1 elliptic curve. [miod, 2014-05-01, 4 files, -2/+70]
| While not to be considered a good choice of elliptic curve (refer to http://safecurves.cr.yp.to/ for more details), it is nevertheless deemed a good decision to allow developers with requirements to use such a curve, to be able to do this via a crypto library allowing for much better choices to be made, without having to change (much of) their code to get better crypto.
| ok beck@ deraadt@
* Add Brainpool elliptic curves. From OpenSSL RT#2239 via ${DAYJOB}. [miod, 2014-05-01, 4 files, -2/+922]
| Be sure to rerun `make includes' after updating.
| ok tedu@ beck@ deraadt@
* Remove fips_md_init() macro indirection for digest algorithms, used by the OpenSSL FIPS module to prevent forbidden digests to be allowed. [miod, 2014-05-01, 18 files, -34/+22]
| No functional change but readability.
| ok deraadt@
* nibbles aren't enough random, use bytes. does a better job of picking a free chunk at random and may allow to increase delayed chunk array. [tedu, 2014-05-01, 1 file, -14/+14]
| ok otto
* first cut at documenting the change to malloc doing a partial 'junk' by default and the new 'j' option to disable this; ok jmc@ [sthen, 2014-04-30, 1 file, -2/+7]
* Avoid a potential null pointer dereference by checking that we actually managed to allocate a fragment, before trying to memcpy data into it. [jsing, 2014-04-30, 2 files, -0/+4]
| ok miod@
* First pass at removing win64 support from the assembly generating Perl scripts. [jsing, 2014-04-30, 16 files, -2132/+2]
| We certainly do not need an identical copy of the win64 exception handler in each script (surely one copy would be sufficient).
| ok miod@
* i suck at math. b - 8 = 3, not 4. detected by Antoine Pitrou. thanks. [tedu, 2014-04-30, 2 files, -2/+2]
|
* Constrain bytes read/written to positive values. [beck, 2014-04-29, 2 files, -0/+20]
| ok miod@ tedu@
* Implement AI_ADDRCONFIG [sperreault, 2014-04-28, 1 file, -3/+14]
| This is a getaddrinfo() flag that is defined thusly in RFC 3493:
| If the AI_ADDRCONFIG flag is specified, IPv4 addresses shall be returned only if an IPv4 address is configured on the local system, and IPv6 addresses shall be returned only if an IPv6 address is configured on the local system. The loopback address is not considered for this case as valid as a configured address.
| For example, when using the DNS, a query for AAAA records should occur only if the node has at least one IPv6 address configured (other than IPv6 loopback) and a query for A records should occur only if the node has at least one IPv4 address configured (other than the IPv4 loopback).
| The flag is set by default when hints is NULL.
| ok Eric Faurot, Jason McIntyre
* Remove WIN32, WIN64 and MINGW32 tentacles. [miod, 2014-04-28, 28 files, -130/+14]
| Also check for _LP64 rather than __arch64__ (the former being more reliable than __LP64__ or __arch64__) to tell 64-bit int platforms apart from 32-bit int platforms.
| Loosely based upon a diff from Martijn van Duren on tech@
* use the correct algorithm mask. reported by satish lvr via http://marc.info/?l=openssl-dev&m=139779977532459&w=2 [tedu, 2014-04-28, 2 files, -2/+2]
| ok miod
* SSL_OP_ALL is supposed to be all options and workarounds that are safe, but disabling attack mitigations is not safe. [tedu, 2014-04-28, 2 files, -8/+12]
| 0.9.6d contained a workaround for an attack against CBC modes. 0.9.6e disabled it by default because "some" implementations couldn't handle empty fragments. 12 years have passed. Does anybody still care? Let's find out.
| ok miod
* Remove ending cplusplus guard followed by starting cplusplus guard; from Gebruiker Schoot. [miod, 2014-04-28, 2 files, -14/+0]
* Leftover includes and local declarations; from Gebruiker Schoot [miod, 2014-04-28, 2 files, -10/+0]
|
* typo in comment [miod, 2014-04-27, 6 files, -6/+6]
|
* Remove orphaned l2n6 and n2l6 macros. [miod, 2014-04-27, 2 files, -28/+0]
|