miod
638fa5fb96
Enable assembler code for AES, DES, GCM, SHA1, SHA256 and SHA512.
The sparcv9 BN code is not enabled, as it expects to run on a 32-bit
userland and will need to be fixed for 64-bit userland first.
10 years ago
miod
8cbb01b51c
Enable assembler code for AES, BN (Montgomery), GCM128, SHA1, SHA256 and SHA512.
Note that GCM128 Neon code is currently not built (and thus not tested), as
the current toolchain does not support Neon instructions.
10 years ago
miod
31c291d25f
Correctly enable Montgomery code.
10 years ago
tedu
b213b4d39d
now that 5.5 has been released with compatibility for 2b hashes,
switch to generating them by default. prodded by deraadt and sthen
10 years ago
tedu
378adff9c2
1. Drop support for no minor. This variant doesn't exist anymore.
2. Pull up the actual minor processing code into the switch that
parses it.
3. atoi is actually simpler than strtonum in this case, but check the
input beforehand so we don't get unexpected results.
4. Slightly more consistent style between various parse and check and
increment operations on salt.
ok deraadt
10 years ago
miod
c3f1c42b8f
Enable assembler bits for BN (Montgomery), SHA1 and SHA256.
Assembler bits for AES remain commented out as they run slower than the C code.
10 years ago
miod
62cf4a9553
Correctly enable assembler Montgomery routine.
10 years ago
miod
d226e2231e
Correctly enable assembler Montgomery routine.
10 years ago
miod
4a6d2807e8
Reenable assembler code for SHA384 and SHA512 now that it no longer miscomputes
things. Worth doing as it's twice faster than the C code.
10 years ago
miod
b3754d7e6e
Disable assembler version of SHA512 for now, it produces wrong results.
10 years ago
miod
4ccd8f7b9b
Enable use of assembly code for AES, BN (Montgomery), SHA1, SHA256 and SHA512.
RC4 assembler code is not used, as it runs about 35% slower than the C code.
10 years ago
miod
ccdf39aa22
Enable use of the assembly code for BN (Montgomery) and SHA1.
10 years ago
miod
5e5b6a434e
Enable use of the assembly code for AES, BN, SHA1, SHA256 and SHA512.
10 years ago
jmc
55b1910ad3
tweak previous; ok sthen
10 years ago
miod
f8379a3fa2
+ e_chacha.c, and bump minor
10 years ago
jsing
233036e0f3
Add ChaCha to libcrypto, based on djb's public domain implementation.
ok deraadt@
10 years ago
tedu
74c23bc915
nibbles aren't enough random, use bytes. does a better job of picking
a free chunk at random and may allow to increase delayed chunk array.
ok otto
10 years ago
sthen
a82252ad47
first cut at documenting the change to malloc doing a partial 'junk' by
default and the new 'j' option to disable this; ok jmc@
10 years ago
jsing
aafd2acc1e
We do not need a separate file for two compatibility wrapper functions.
ok miod@
10 years ago
tedu
c0d30f0eb0
remove Z option and default to something halfway to J.
we always junk small chunks now, and the first part of pages,
but only after free. J still does the old thing. j disables everything.
Consider experimental as we evaluate performance in the real world.
ok otto
10 years ago
espie
41f1e88953
explain a bit more what's going on for stupid me.
okay otto@
10 years ago
otto
8a0e8854ef
Better, cleaner hash function that computes the same on be and le archs.
Should improve sparc64 and other be archs. ok matthew@ miod@
10 years ago
beck
e96a30fc99
Make libssl and libcrypto compile with -Werror
ok miod@
10 years ago
jmc
c1238dcae0
- one more mallocarray -> reallocarray
- use <>
10 years ago
tedu
07d1cf3ec2
change mallocarray to reallocarray. useful in a few more situations.
malloc can, as always, be emulated via realloc(NULL).
ok deraadt
10 years ago
deraadt
58a64bf376
correct man page section
10 years ago
deraadt
00d28c4faf
Introducing: void *mallocarray(size_t nmemb, size_t size);
Like calloc(), except without the cleared-memory gaurantee
ok beck guenther, discussed for more than a year...
10 years ago
guenther
e004b9b14e
Correctly document the return value of getenv(3)
From Ben Cornett (ben (at) lantern.is)
10 years ago
guenther
792be10b82
Chop off more SSLv2 tentacles and start fixing and noting y2038 issues.
APIs that pass times as longs will have to change at some point...
Bump major on both libcrypto and libssl.
ok tedu@
10 years ago
jmc
b07eaf1c5d
tweak previous;
10 years ago
tedu
fdb6f71674
one small tweak to avoid ever going off the end of a string.
10 years ago
tedu
50bce974c2
improved checking for invalid hashes. from solar designer
10 years ago
deraadt
ce2837fd80
Use somewhat harsher language and better examples; demonstrate that
non-dangerous use functions is difficult.
ok guenther
10 years ago
miod
15e68710e4
Do not ask the user to pass either -DB_ENDIAN or -DL_ENDIAN to the compiler,
but rather figure out the endianness from <machine/endian.h> automagically;
help from guenther@
ok jca@ guenther@ beck@ and the rest of the `Buena SSL rampage club'
10 years ago
tedu
26c463959c
first round of static config. ok miod
10 years ago
miod
039a3ba251
Put back i2d_ASN1_SET() and d2i_ASN1_SET() from the NO_ASN1_OLD prune, as there
are still some 3rd-party code using it, and fixing them is not trivial.
As an excuse gift, the memory leaks on failure in resurrected a_set.c have
been fixed.
10 years ago
tedu
b04cff92a8
we need to crank
10 years ago
tedu
5c324aa8cb
another round of chemo for the RAND code to provide clarity.
ok deraadt
10 years ago
tedu
733b31aee1
egd support is too dangerous to leave where somebody might find it.
ok deraadt.
10 years ago
miod
bc44409139
Use !defined() rather than empty().
10 years ago
tedu
dd7023fba8
-Wall
10 years ago
miod
7c11123d14
Ok, there was a need for OPENSSL_cleanse() instead of bzero() to prevent
supposedly smart compilers from optimizing memory cleanups away. Understood.
Ok, in case of an hypothetically super smart compiler, OPENSSL_cleanse() had
to be convoluted enough for the compiler not to recognize that this was
actually bzero() in disguise. Understood.
But then why there had been optimized assembler versions of OPENSSL_cleanse()
is beyond me. Did someone not trust the C obfuscation?
10 years ago
miod
df9a743232
Move the machine-specific parts of the libcrypto Makefile to per-arch makefile
fragments, to ease maintainance, and see through the fog of bugs.
"looks good" deraadt@
10 years ago
tedu
9c6216c0a0
Fully kill FIPS API. Forcible certification conflicts with the goals of a
free software project. ok beck deraadt
Ports calling FIPS_mode_set(1): mongodb
10 years ago
miod
e34477ae2d
No need to define ANSI_SOURCE and NO_ERR. TERMIOS kept until ui/ui_openssl.c
gets a second trim.
10 years ago
miod
8d27d8d34b
No need to build with -DOPENSSL_NO_CAPIENG and -DOPENSSL_NO_HW_xxx for all
now removed engines.
10 years ago
miod
64e007ee84
Remove DES_read_password and DES_read_2passwords which are `modern' flavours
of des_old.h routines, acting as wrappers about the OpenSSL UI API.
Nothing should use these functions directly.
Riding the recent libcrypto major bump (in a `des' car).
10 years ago
beck
8e9fe71de4
Your operating system memory allocation functions are your friend. If they
are not please fix your operating system. Replace mem.c with an API-compatible
wrapper that just calls the system functions and does not allow a one word
modification of a variable in a running shared library to turn on memory
debug functions that expose things that should not be seen.
ok tedu@
10 years ago
tedu
ea0a8e3a36
don't even pretend to build md2, seed, or jpake
ok beck deraadt
10 years ago
miod
047a00a267
The more you remove Chtulhu^WVMS tentacles, the more there are
10 years ago