openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Files	Lines
2014-05-03	Do not compile the neon probe code until __ARM_ARCH__ >= 7. Neon-specific code	miod	4	-4/+28
	will not get referenced if this condition is not met.
2014-05-03	typos	miod	2	-4/+4

2014-05-03	Correctly enable Montgomery code.	miod	2	-2/+4

2014-05-03	now that 5.5 has been released with compatibility for 2b hashes,	tedu	1	-2/+2
	switch to generating them by default. prodded by deraadt and sthen
2014-05-03	Update the base64 regress test and enable a test that would previously	jsing	1	-19/+28
	have resulted in a segfault. Also update the resulting output bytes now that the invalid/corrupt input is detected and rejected; unless you're using BIO_FLAGS_BASE64_NO_NL, in which case you still get a stream of zero value bytes and no way of knowing that the data is invalid/corrupt.
2014-05-03	Add checks for invalid base64 encoded data, specifically relating to the	jsing	2	-0/+24
	handling of padding. This fixes a crash that can be triggered by feeding base64 data followed by 64 or more padding characters, which results in a negative output length. This issue was reported by David Ramos, although the same bug has been sitting in the OpenSSL RT since 2011: https://rt.openssl.org/Ticket/Display.html?id=2608 Worse still, BIO_read seems to be completely unable to detect that the base64 input was invalid/corrupt - in particular, enabling BIO_FLAGS_BASE64_NO_NL results in a stream of zero value bytes rather than no input (possibly a good replacement for /dev/null...), which could result in nasty consequences. Prior to this fix some zero value bytes were also injected without this flag being enabled. The recently added base64 regress triggers and documents these issues (and also ensures that this change retains functional behaviour).
2014-05-03	1. Drop support for no minor. This variant doesn't exist anymore.	tedu	1	-44/+30
	2. Pull up the actual minor processing code into the switch that parses it. 3. atoi is actually simpler than strtonum in this case, but check the input beforehand so we don't get unexpected results. 4. Slightly more consistent style between various parse and check and increment operations on salt. ok deraadt
2014-05-03	It is definitly not the correct spelling.	jsing	2	-4/+4

2014-05-03	KNF.	jsing	8	-1864/+1820

2014-05-03	Nuke more defines - we have setvbuf() and _IONBF.	jsing	2	-16/+0
	ok deraadt@
2014-05-03	KNF.	jsing	8	-990/+1028

2014-05-03	Initial version of a base64 regress.	jsing	3	-1/+382

2014-05-03	Enable assembler bits for BN (Montgomery), SHA1 and SHA256.	miod	2	-0/+88
	Assembler bits for AES remain commented out as they run slower than the C code.
2014-05-03	Detect Altivec support with the machdep.altivec sysctl rather than setmp and	miod	4	-204/+40
	a SIGILL handler. Do not attempt to detect and use a 64-bit FPU yet.
2014-05-02	Correctly enable assembler Montgomery routine.	miod	2	-2/+4

2014-05-02	More use of 64-bit registers which needs to be disabled under OpenBSD.	miod	4	-0/+8

2014-05-02	Correctly enable assembler Montgomery routine.	miod	2	-2/+4

2014-05-02	Reenable assembler code for SHA384 and SHA512 now that it no longer miscomputes	miod	2	-6/+6
	things. Worth doing as it's twice faster than the C code.
2014-05-02	The assembly sha512 code detects at runtime if it is running on a 64-bit	miod	2	-0/+12
	processor (PA2.0) and, if so, switches to 64-bit code. However, when running under a 32-bit OpenBSD/hppa kernel, there is no guarantee that the upper part of the registers will be preserved accross context switches (or even userland->kernel boundaries), which causes this code to fail. Wrap the generated code within #ifndef __OpenBSD__ in that case, to avoid using the 64-bit code completely. (OpenBSD/hppa64, once stable, will not be affected by this)
2014-05-02	Simple sha{224,256,384,512} test using the FIPS 180-2 test vectors available	miod	2	-2/+45
	from http://csrc.nist.gov/groups/ST/toolkit/examples.html
2014-05-02	Disable assembler version of SHA512 for now, it produces wrong results.	miod	2	-6/+6

2014-05-02	Add ChaCha as a cipher.	jsing	1	-0/+3
	ok beck@ miod@
2014-05-02	remove crazy #undefs; ok jsing	deraadt	10	-13/+0

2014-05-02	Nuke OPENSSL_NO_SOCK since any half sane operating system has sockets.	jsing	9	-35/+0
	ok beck@
2014-05-02	Sort and group includes. We also do not need to include openssl/evp.h more	jsing	1	-45/+47
	than once. ok beck@
2014-05-02	Sort function prototypes and group/sort entries within the functions array.	jsing	1	-237/+125
	ok beck@
2014-05-01	Enable use of assembly code for AES, BN (Montgomery), SHA1, SHA256 and SHA512.	miod	2	-0/+100
	RC4 assembler code is not used, as it runs about 35% slower than the C code.
2014-05-01	Do not output SOM-specific directives.	miod	14	-0/+80

2014-05-01	Remove unreferenced OPENSSL_instrument_bus and OPENSSL_instrument_bus2 routines.	miod	4	-210/+0

2014-05-01	Make the implicit `l' in `impicit' explicit.	miod	2	-2/+2

2014-05-01	Enable use of the assembly code for BN (Montgomery) and SHA1.	miod	2	-0/+80

2014-05-01	Fix include filename to get register name aliases under BSD	miod	6	-36/+6

2014-05-01	Pass -Werror in the !BN_LLONG !BN_UMULT_LOHI !BN_UMULT_HIGH case.	miod	2	-8/+8

2014-05-01	Enable use of the assembly code for AES, BN, SHA1, SHA256 and SHA512.	miod	2	-0/+72

2014-05-01	dead meat	miod	4	-5056/+0

2014-05-01	tweak previous; ok sthen	jmc	1	-3/+3

2014-05-01	+ e_chacha.c, and bump minor	miod	3	-3/+4

2014-05-01	Update with recently added objects.	jsing	2	-0/+36
	ok miod@
2014-05-01	KNF.	jsing	1	-324/+296

2014-05-01	Nuke unused evptests.txt - the real one is over in regress.	jsing	2	-668/+0
	ok miod@
2014-05-01	Provide an EVP implementation for ChaCha.	jsing	14	-0/+233
	ok miod@
2014-05-01	Add ChaCha to libcrypto, based on djb's public domain implementation.	jsing	10	-2/+904
	ok deraadt@
2014-05-01	Add support for the french ANSSI FRP256v1 elliptic curve.	miod	4	-2/+70
	While not to be considered a good choice of elliptic curve (refer to http://safecurves.cr.yp.to/ for more details), it is nevertheless deemed a good decision to allow developers with requirements to use such a curve, to be able to do this via a crypto library allowing for much better choices to be made, without having to change (much of) their code to get better crypto. ok beck@ deraadt@
2014-05-01	Add Brainpool elliptic curves. From OpenSSL RT#2239 via ${DAYJOB}.	miod	4	-2/+922
	Be sure to rerun `make includes' after updating. ok tedu@ beck@ deraadt@
2014-05-01	Remove fips_md_init() macro indirection for digest algorithms, used by the	miod	18	-34/+22
	OpenSSL FIPS module to prevent forbidden digests to be allowed. No functional change but readability. ok deraadt@
2014-05-01	nibbles aren't enough random, use bytes. does a better job of picking	tedu	1	-14/+14
	a free chunk at random and may allow to increase delayed chunk array. ok otto
2014-04-30	first cut at documenting the change to malloc doing a partial 'junk' by	sthen	1	-2/+7
	default and the new 'j' option to disable this; ok jmc@
2014-04-30	Avoid a potential null pointer dereference by checking that we actually	jsing	2	-0/+4
	managed to allocate a fragment, before trying to memcpy data into it. ok miod@
2014-04-30	First pass at removing win64 support from the assembly generating Perl	jsing	16	-2132/+2
	scripts. We certainly do not need an identical copy of the win64 exception handler in each script (surely one copy would be sufficient). ok miod@
2014-04-30	i suck at math. b - 8 = 3, not 4. detected by Antoine Pitrou. thanks.	tedu	2	-2/+2