aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--crypto/openssl/CHANGES7778
-rw-r--r--crypto/openssl/CHANGES.SSLeay968
-rw-r--r--crypto/openssl/ChangeLog.0_9_7-stable_not-in-head163
-rw-r--r--crypto/openssl/ChangeLog.0_9_7-stable_not-in-head_FIPS1494
-rwxr-xr-xcrypto/openssl/Configure1817
-rw-r--r--crypto/openssl/FAQ898
-rw-r--r--crypto/openssl/INSTALL350
-rw-r--r--crypto/openssl/LICENSE127
-rw-r--r--crypto/openssl/Makefile590
-rw-r--r--crypto/openssl/Makefile.org588
-rw-r--r--crypto/openssl/Makefile.shared603
-rw-r--r--crypto/openssl/NEWS452
-rw-r--r--crypto/openssl/PROBLEMS197
-rw-r--r--crypto/openssl/README200
-rw-r--r--crypto/openssl/README.ASN1187
-rw-r--r--crypto/openssl/README.ENGINE289
-rwxr-xr-xcrypto/openssl/apps/CA.pl189
-rw-r--r--crypto/openssl/apps/CA.pl.in189
-rw-r--r--crypto/openssl/apps/CA.sh139
-rw-r--r--crypto/openssl/apps/Makefile900
-rw-r--r--crypto/openssl/apps/app_rand.c218
-rw-r--r--crypto/openssl/apps/apps.c2335
-rw-r--r--crypto/openssl/apps/apps.h345
-rw-r--r--crypto/openssl/apps/asn1pars.c444
-rw-r--r--crypto/openssl/apps/ca-cert.srl1
-rw-r--r--crypto/openssl/apps/ca-key.pem15
-rw-r--r--crypto/openssl/apps/ca-req.pem11
-rw-r--r--crypto/openssl/apps/ca.c3002
-rw-r--r--crypto/openssl/apps/cert.pem11
-rw-r--r--crypto/openssl/apps/ciphers.c208
-rw-r--r--crypto/openssl/apps/client.pem24
-rw-r--r--crypto/openssl/apps/crl.c429
-rw-r--r--crypto/openssl/apps/crl2p7.c345
-rw-r--r--crypto/openssl/apps/demoCA/cacert.pem14
-rw-r--r--crypto/openssl/apps/demoCA/index.txt39
-rw-r--r--crypto/openssl/apps/demoCA/private/cakey.pem24
-rw-r--r--crypto/openssl/apps/demoCA/serial1
-rw-r--r--crypto/openssl/apps/der_chop305
-rw-r--r--crypto/openssl/apps/der_chop.in305
-rw-r--r--crypto/openssl/apps/dgst.c477
-rw-r--r--crypto/openssl/apps/dh.c352
-rw-r--r--crypto/openssl/apps/dh1024.pem10
-rw-r--r--crypto/openssl/apps/dh2048.pem12
-rw-r--r--crypto/openssl/apps/dh4096.pem18
-rw-r--r--crypto/openssl/apps/dh512.pem9
-rw-r--r--crypto/openssl/apps/dhparam.c557
-rw-r--r--crypto/openssl/apps/dsa-ca.pem40
-rw-r--r--crypto/openssl/apps/dsa-pca.pem46
-rw-r--r--crypto/openssl/apps/dsa.c341
-rw-r--r--crypto/openssl/apps/dsa1024.pem9
-rw-r--r--crypto/openssl/apps/dsa512.pem6
-rw-r--r--crypto/openssl/apps/dsap.pem6
-rw-r--r--crypto/openssl/apps/dsaparam.c478
-rw-r--r--crypto/openssl/apps/ec.c400
-rw-r--r--crypto/openssl/apps/ecparam.c728
-rw-r--r--crypto/openssl/apps/enc.c681
-rw-r--r--crypto/openssl/apps/engine.c542
-rw-r--r--crypto/openssl/apps/errstr.c126
-rw-r--r--crypto/openssl/apps/gendh.c238
-rw-r--r--crypto/openssl/apps/gendsa.c274
-rw-r--r--crypto/openssl/apps/genrsa.c320
-rw-r--r--crypto/openssl/apps/nseq.c167
-rw-r--r--crypto/openssl/apps/ocsp.c1228
-rw-r--r--crypto/openssl/apps/oid.cnf6
-rw-r--r--crypto/openssl/apps/openssl.c526
-rw-r--r--crypto/openssl/apps/openssl.cnf313
-rw-r--r--crypto/openssl/apps/passwd.c512
-rw-r--r--crypto/openssl/apps/pca-cert.srl1
-rw-r--r--crypto/openssl/apps/pca-key.pem15
-rw-r--r--crypto/openssl/apps/pca-req.pem11
-rw-r--r--crypto/openssl/apps/pkcs12.c938
-rw-r--r--crypto/openssl/apps/pkcs7.c318
-rw-r--r--crypto/openssl/apps/pkcs8.c460
-rw-r--r--crypto/openssl/apps/prime.c130
-rw-r--r--crypto/openssl/apps/privkey.pem18
-rw-r--r--crypto/openssl/apps/progs.h324
-rw-r--r--crypto/openssl/apps/progs.pl91
-rw-r--r--crypto/openssl/apps/rand.c227
-rw-r--r--crypto/openssl/apps/req.c1686
-rw-r--r--crypto/openssl/apps/req.pem11
-rw-r--r--crypto/openssl/apps/rsa.c397
-rw-r--r--crypto/openssl/apps/rsa8192.pem101
-rw-r--r--crypto/openssl/apps/rsautl.c333
-rw-r--r--crypto/openssl/apps/s1024key.pem15
-rw-r--r--crypto/openssl/apps/s1024req.pem11
-rw-r--r--crypto/openssl/apps/s512-key.pem9
-rw-r--r--crypto/openssl/apps/s512-req.pem8
-rw-r--r--crypto/openssl/apps/s_apps.h170
-rw-r--r--crypto/openssl/apps/s_cb.c577
-rw-r--r--crypto/openssl/apps/s_client.c1219
-rw-r--r--crypto/openssl/apps/s_server.c2015
-rw-r--r--crypto/openssl/apps/s_socket.c617
-rw-r--r--crypto/openssl/apps/s_time.c735
-rw-r--r--crypto/openssl/apps/server.pem369
-rw-r--r--crypto/openssl/apps/server.srl1
-rw-r--r--crypto/openssl/apps/server2.pem376
-rw-r--r--crypto/openssl/apps/sess_id.c320
-rw-r--r--crypto/openssl/apps/set/set-g-ca.pem21
-rw-r--r--crypto/openssl/apps/set/set-m-ca.pem21
-rw-r--r--crypto/openssl/apps/set/set_b_ca.pem23
-rw-r--r--crypto/openssl/apps/set/set_c_ca.pem21
-rw-r--r--crypto/openssl/apps/set/set_d_ct.pem21
-rw-r--r--crypto/openssl/apps/set/set_root.pem21
-rw-r--r--crypto/openssl/apps/smime.c794
-rw-r--r--crypto/openssl/apps/speed.c2834
-rw-r--r--crypto/openssl/apps/spkac.c308
-rw-r--r--crypto/openssl/apps/testCA.pem8
-rw-r--r--crypto/openssl/apps/testdsa.h217
-rw-r--r--crypto/openssl/apps/testrsa.h518
-rw-r--r--crypto/openssl/apps/timeouts.h67
-rw-r--r--crypto/openssl/apps/verify.c370
-rw-r--r--crypto/openssl/apps/version.c217
-rw-r--r--crypto/openssl/apps/winrand.c148
-rw-r--r--crypto/openssl/apps/x509.c1278
-rw-r--r--crypto/openssl/bugs/MS7
-rw-r--r--crypto/openssl/bugs/SSLv349
-rw-r--r--crypto/openssl/bugs/VC16.bug18
-rw-r--r--crypto/openssl/bugs/alpha.c91
-rw-r--r--crypto/openssl/bugs/dggccbug.c45
-rw-r--r--crypto/openssl/bugs/sgiccbug.c57
-rw-r--r--crypto/openssl/bugs/sslref.dif26
-rw-r--r--crypto/openssl/bugs/stream.c131
-rw-r--r--crypto/openssl/bugs/ultrixcc.c45
-rw-r--r--crypto/openssl/certs/ICE-CA.pem59
-rw-r--r--crypto/openssl/certs/ICE-root.pem48
-rw-r--r--crypto/openssl/certs/ICE-user.pem63
-rw-r--r--crypto/openssl/certs/ICE.crl9
-rw-r--r--crypto/openssl/certs/RegTP-4R.pem19
-rw-r--r--crypto/openssl/certs/RegTP-5R.pem19
-rw-r--r--crypto/openssl/certs/RegTP-6R.pem19
-rw-r--r--crypto/openssl/certs/argena.pem39
-rw-r--r--crypto/openssl/certs/argeng.pem23
-rw-r--r--crypto/openssl/certs/ca-cert.pem33
-rw-r--r--crypto/openssl/certs/demo/ca-cert.pem33
-rw-r--r--crypto/openssl/certs/demo/dsa-ca.pem43
-rw-r--r--crypto/openssl/certs/demo/dsa-pca.pem49
-rw-r--r--crypto/openssl/certs/demo/nortelCA.pem16
-rw-r--r--crypto/openssl/certs/demo/pca-cert.pem33
-rw-r--r--crypto/openssl/certs/demo/timCA.pem16
-rw-r--r--crypto/openssl/certs/demo/tjhCA.pem15
-rw-r--r--crypto/openssl/certs/demo/vsigntca.pem18
-rw-r--r--crypto/openssl/certs/dsa-ca.pem43
-rw-r--r--crypto/openssl/certs/dsa-pca.pem49
-rw-r--r--crypto/openssl/certs/eng1.pem23
-rw-r--r--crypto/openssl/certs/eng2.pem23
-rw-r--r--crypto/openssl/certs/eng3.pem34
-rw-r--r--crypto/openssl/certs/eng4.pem23
-rw-r--r--crypto/openssl/certs/eng5.pem23
-rw-r--r--crypto/openssl/certs/expired/ICE-CA.pem59
-rw-r--r--crypto/openssl/certs/expired/ICE-root.pem48
-rw-r--r--crypto/openssl/certs/expired/ICE-user.pem63
-rw-r--r--crypto/openssl/certs/expired/ICE.crl9
-rw-r--r--crypto/openssl/certs/expired/RegTP-4R.pem19
-rw-r--r--crypto/openssl/certs/expired/factory.pem15
-rw-r--r--crypto/openssl/certs/expired/rsa-cca.pem19
-rw-r--r--crypto/openssl/certs/expired/rsa-ssca.pem19
-rw-r--r--crypto/openssl/certs/expired/vsign2.pem18
-rw-r--r--crypto/openssl/certs/expired/vsign3.pem18
-rw-r--r--crypto/openssl/certs/factory.pem15
-rw-r--r--crypto/openssl/certs/nortelCA.pem16
-rw-r--r--crypto/openssl/certs/pca-cert.pem33
-rw-r--r--crypto/openssl/certs/rsa-cca.pem19
-rw-r--r--crypto/openssl/certs/thawteCb.pem19
-rw-r--r--crypto/openssl/certs/thawteCp.pem19
-rw-r--r--crypto/openssl/certs/timCA.pem16
-rw-r--r--crypto/openssl/certs/tjhCA.pem15
-rw-r--r--crypto/openssl/certs/vsign1.pem17
-rw-r--r--crypto/openssl/certs/vsign2.pem18
-rw-r--r--crypto/openssl/certs/vsign3.pem17
-rw-r--r--crypto/openssl/certs/vsignss.pem17
-rw-r--r--crypto/openssl/certs/vsigntca.pem18
-rw-r--r--crypto/openssl/certs/wellsfgo.pem23
-rw-r--r--crypto/openssl/comm.txt1
-rw-r--r--crypto/openssl/comms.txt1
-rwxr-xr-xcrypto/openssl/config878
-rw-r--r--crypto/openssl/crypto/LPdir_nyi.c42
-rw-r--r--crypto/openssl/crypto/LPdir_unix.c127
-rw-r--r--crypto/openssl/crypto/LPdir_vms.c199
-rw-r--r--crypto/openssl/crypto/LPdir_win.c155
-rw-r--r--crypto/openssl/crypto/LPdir_win32.c30
-rw-r--r--crypto/openssl/crypto/LPdir_wince.c31
-rw-r--r--crypto/openssl/crypto/Makefile204
-rw-r--r--crypto/openssl/crypto/aes/Makefile112
-rw-r--r--crypto/openssl/crypto/aes/README3
-rw-r--r--crypto/openssl/crypto/aes/aes.h138
-rw-r--r--crypto/openssl/crypto/aes/aes_cbc.c131
-rw-r--r--crypto/openssl/crypto/aes/aes_cfb.c225
-rw-r--r--crypto/openssl/crypto/aes/aes_core.c1159
-rw-r--r--crypto/openssl/crypto/aes/aes_ctr.c139
-rw-r--r--crypto/openssl/crypto/aes/aes_ecb.c73
-rw-r--r--crypto/openssl/crypto/aes/aes_ige.c283
-rw-r--r--crypto/openssl/crypto/aes/aes_locl.h89
-rw-r--r--crypto/openssl/crypto/aes/aes_misc.c64
-rw-r--r--crypto/openssl/crypto/aes/aes_ofb.c142
-rwxr-xr-xcrypto/openssl/crypto/aes/asm/aes-586.pl1532
-rw-r--r--crypto/openssl/crypto/aes/asm/aes-ia64.S1652
-rw-r--r--crypto/openssl/crypto/asn1/Makefile870
-rw-r--r--crypto/openssl/crypto/asn1/a_bitstr.c225
-rw-r--r--crypto/openssl/crypto/asn1/a_bool.c114
-rw-r--r--crypto/openssl/crypto/asn1/a_bytes.c314
-rw-r--r--crypto/openssl/crypto/asn1/a_d2i_fp.c260
-rw-r--r--crypto/openssl/crypto/asn1/a_digest.c111
-rw-r--r--crypto/openssl/crypto/asn1/a_dup.c109
-rw-r--r--crypto/openssl/crypto/asn1/a_enum.c182
-rw-r--r--crypto/openssl/crypto/asn1/a_gentm.c246
-rw-r--r--crypto/openssl/crypto/asn1/a_hdr.c119
-rw-r--r--crypto/openssl/crypto/asn1/a_i2d_fp.c163
-rw-r--r--crypto/openssl/crypto/asn1/a_int.c459
-rw-r--r--crypto/openssl/crypto/asn1/a_mbstr.c400
-rw-r--r--crypto/openssl/crypto/asn1/a_meth.c84
-rw-r--r--crypto/openssl/crypto/asn1/a_object.c385
-rw-r--r--crypto/openssl/crypto/asn1/a_octet.c71
-rw-r--r--crypto/openssl/crypto/asn1/a_print.c127
-rw-r--r--crypto/openssl/crypto/asn1/a_set.c238
-rw-r--r--crypto/openssl/crypto/asn1/a_sign.c295
-rw-r--r--crypto/openssl/crypto/asn1/a_strex.c567
-rw-r--r--crypto/openssl/crypto/asn1/a_strnid.c290
-rw-r--r--crypto/openssl/crypto/asn1/a_time.c164
-rw-r--r--crypto/openssl/crypto/asn1/a_type.c84
-rw-r--r--crypto/openssl/crypto/asn1/a_utctm.c303
-rw-r--r--crypto/openssl/crypto/asn1/a_utf8.c211
-rw-r--r--crypto/openssl/crypto/asn1/a_verify.c181
-rw-r--r--crypto/openssl/crypto/asn1/asn1.h1233
-rw-r--r--crypto/openssl/crypto/asn1/asn1_err.c301
-rw-r--r--crypto/openssl/crypto/asn1/asn1_gen.c848
-rw-r--r--crypto/openssl/crypto/asn1/asn1_lib.c462
-rw-r--r--crypto/openssl/crypto/asn1/asn1_mac.h571
-rw-r--r--crypto/openssl/crypto/asn1/asn1_par.c442
-rw-r--r--crypto/openssl/crypto/asn1/asn1t.h886
-rw-r--r--crypto/openssl/crypto/asn1/asn_moid.c160
-rw-r--r--crypto/openssl/crypto/asn1/asn_pack.c191
-rw-r--r--crypto/openssl/crypto/asn1/charmap.h15
-rw-r--r--crypto/openssl/crypto/asn1/charmap.pl80
-rw-r--r--crypto/openssl/crypto/asn1/d2i_pr.c161
-rw-r--r--crypto/openssl/crypto/asn1/d2i_pu.c135
-rw-r--r--crypto/openssl/crypto/asn1/evp_asn1.c189
-rw-r--r--crypto/openssl/crypto/asn1/f_enum.c207
-rw-r--r--crypto/openssl/crypto/asn1/f_int.c219
-rw-r--r--crypto/openssl/crypto/asn1/f_string.c212
-rw-r--r--crypto/openssl/crypto/asn1/i2d_pr.c99
-rw-r--r--crypto/openssl/crypto/asn1/i2d_pu.c95
-rw-r--r--crypto/openssl/crypto/asn1/n_pkey.c344
-rw-r--r--crypto/openssl/crypto/asn1/nsseq.c82
-rw-r--r--crypto/openssl/crypto/asn1/p5_pbe.c131
-rw-r--r--crypto/openssl/crypto/asn1/p5_pbev2.c205
-rw-r--r--crypto/openssl/crypto/asn1/p8_key.c131
-rw-r--r--crypto/openssl/crypto/asn1/p8_pkey.c84
-rw-r--r--crypto/openssl/crypto/asn1/t_bitst.c102
-rw-r--r--crypto/openssl/crypto/asn1/t_crl.c134
-rw-r--r--crypto/openssl/crypto/asn1/t_pkey.c839
-rw-r--r--crypto/openssl/crypto/asn1/t_req.c290
-rw-r--r--crypto/openssl/crypto/asn1/t_spki.c132
-rw-r--r--crypto/openssl/crypto/asn1/t_x509.c516
-rw-r--r--crypto/openssl/crypto/asn1/t_x509a.c110
-rw-r--r--crypto/openssl/crypto/asn1/tasn_dec.c1322
-rw-r--r--crypto/openssl/crypto/asn1/tasn_enc.c690
-rw-r--r--crypto/openssl/crypto/asn1/tasn_fre.c268
-rw-r--r--crypto/openssl/crypto/asn1/tasn_new.c395
-rw-r--r--crypto/openssl/crypto/asn1/tasn_prn.c198
-rw-r--r--crypto/openssl/crypto/asn1/tasn_typ.c137
-rw-r--r--crypto/openssl/crypto/asn1/tasn_utl.c279
-rw-r--r--crypto/openssl/crypto/asn1/x_algor.c73
-rw-r--r--crypto/openssl/crypto/asn1/x_attrib.c118
-rw-r--r--crypto/openssl/crypto/asn1/x_bignum.c139
-rw-r--r--crypto/openssl/crypto/asn1/x_crl.c140
-rw-r--r--crypto/openssl/crypto/asn1/x_exten.c71
-rw-r--r--crypto/openssl/crypto/asn1/x_info.c114
-rw-r--r--crypto/openssl/crypto/asn1/x_long.c171
-rw-r--r--crypto/openssl/crypto/asn1/x_name.c275
-rw-r--r--crypto/openssl/crypto/asn1/x_pkey.c151
-rw-r--r--crypto/openssl/crypto/asn1/x_pubkey.c531
-rw-r--r--crypto/openssl/crypto/asn1/x_req.c112
-rw-r--r--crypto/openssl/crypto/asn1/x_sig.c69
-rw-r--r--crypto/openssl/crypto/asn1/x_spki.c81
-rw-r--r--crypto/openssl/crypto/asn1/x_val.c69
-rw-r--r--crypto/openssl/crypto/asn1/x_x509.c194
-rw-r--r--crypto/openssl/crypto/asn1/x_x509a.c180
-rw-r--r--crypto/openssl/crypto/bf/COPYRIGHT46
-rw-r--r--crypto/openssl/crypto/bf/INSTALL14
-rw-r--r--crypto/openssl/crypto/bf/Makefile107
-rw-r--r--crypto/openssl/crypto/bf/README8
-rw-r--r--crypto/openssl/crypto/bf/VERSION6
-rw-r--r--crypto/openssl/crypto/bf/asm/bf-586.pl136
-rw-r--r--crypto/openssl/crypto/bf/asm/bf-686.pl127
-rw-r--r--crypto/openssl/crypto/bf/asm/readme10
-rw-r--r--crypto/openssl/crypto/bf/bf_cbc.c143
-rw-r--r--crypto/openssl/crypto/bf/bf_cfb64.c121
-rw-r--r--crypto/openssl/crypto/bf/bf_ecb.c96
-rw-r--r--crypto/openssl/crypto/bf/bf_enc.c306
-rw-r--r--crypto/openssl/crypto/bf/bf_locl.h219
-rw-r--r--crypto/openssl/crypto/bf/bf_ofb64.c110
-rw-r--r--crypto/openssl/crypto/bf/bf_opts.c331
-rw-r--r--crypto/openssl/crypto/bf/bf_pi.h325
-rw-r--r--crypto/openssl/crypto/bf/bf_skey.c116
-rw-r--r--crypto/openssl/crypto/bf/bfs.cpp67
-rw-r--r--crypto/openssl/crypto/bf/bfspeed.c277
-rw-r--r--crypto/openssl/crypto/bf/bftest.c540
-rw-r--r--crypto/openssl/crypto/bf/blowfish.h127
-rw-r--r--crypto/openssl/crypto/bio/Makefile221
-rw-r--r--crypto/openssl/crypto/bio/b_dump.c187
-rw-r--r--crypto/openssl/crypto/bio/b_print.c842
-rw-r--r--crypto/openssl/crypto/bio/b_sock.c786
-rw-r--r--crypto/openssl/crypto/bio/bf_buff.c511
-rw-r--r--crypto/openssl/crypto/bio/bf_lbuf.c397
-rw-r--r--crypto/openssl/crypto/bio/bf_nbio.c255
-rw-r--r--crypto/openssl/crypto/bio/bf_null.c183
-rw-r--r--crypto/openssl/crypto/bio/bio.h770
-rw-r--r--crypto/openssl/crypto/bio/bio_cb.c139
-rw-r--r--crypto/openssl/crypto/bio/bio_err.c157
-rw-r--r--crypto/openssl/crypto/bio/bio_lcl.h28
-rw-r--r--crypto/openssl/crypto/bio/bio_lib.c556
-rw-r--r--crypto/openssl/crypto/bio/bss_acpt.c479
-rw-r--r--crypto/openssl/crypto/bio/bss_bio.c924
-rw-r--r--crypto/openssl/crypto/bio/bss_conn.c652
-rw-r--r--crypto/openssl/crypto/bio/bss_dgram.c484
-rw-r--r--crypto/openssl/crypto/bio/bss_fd.c294
-rw-r--r--crypto/openssl/crypto/bio/bss_file.c424
-rw-r--r--crypto/openssl/crypto/bio/bss_log.c402
-rw-r--r--crypto/openssl/crypto/bio/bss_mem.c321
-rw-r--r--crypto/openssl/crypto/bio/bss_null.c150
-rw-r--r--crypto/openssl/crypto/bio/bss_rtcp.c294
-rw-r--r--crypto/openssl/crypto/bio/bss_sock.c302
-rw-r--r--crypto/openssl/crypto/bn/Makefile343
-rw-r--r--crypto/openssl/crypto/bn/asm/README27
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha.s3199
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha.s.works533
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha.works/add.pl119
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha.works/div.pl144
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha.works/mul.pl116
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha.works/mul_add.pl120
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha.works/mul_c4.pl213
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha.works/mul_c4.works.pl98
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha.works/mul_c8.pl177
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha.works/sqr.pl113
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha.works/sqr_c4.pl109
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha.works/sqr_c8.pl132
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha.works/sub.pl108
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha/add.pl118
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha/div.pl144
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha/mul.pl104
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha/mul_add.pl123
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha/mul_c4.pl215
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha/mul_c4.works.pl98
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha/mul_c8.pl177
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha/sqr.pl113
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha/sqr_c4.pl109
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha/sqr_c8.pl132
-rw-r--r--crypto/openssl/crypto/bn/asm/alpha/sub.pl108
-rw-r--r--crypto/openssl/crypto/bn/asm/bn-586.pl675
-rw-r--r--crypto/openssl/crypto/bn/asm/bn-alpha.pl571
-rw-r--r--crypto/openssl/crypto/bn/asm/ca.pl33
-rw-r--r--crypto/openssl/crypto/bn/asm/co-586.pl286
-rw-r--r--crypto/openssl/crypto/bn/asm/co-alpha.pl116
-rw-r--r--crypto/openssl/crypto/bn/asm/ia64.S1560
-rw-r--r--crypto/openssl/crypto/bn/asm/mips1.s539
-rw-r--r--crypto/openssl/crypto/bn/asm/mips3.s2201
-rw-r--r--crypto/openssl/crypto/bn/asm/pa-risc.s710
-rw-r--r--crypto/openssl/crypto/bn/asm/pa-risc2.s1618
-rw-r--r--crypto/openssl/crypto/bn/asm/pa-risc2W.s1605
-rw-r--r--crypto/openssl/crypto/bn/asm/ppc.pl2078
-rw-r--r--crypto/openssl/crypto/bn/asm/r3000.s646
-rw-r--r--crypto/openssl/crypto/bn/asm/sparcv8.S1458
-rw-r--r--crypto/openssl/crypto/bn/asm/sparcv8plus.S1547
-rw-r--r--crypto/openssl/crypto/bn/asm/x86.pl28
-rw-r--r--crypto/openssl/crypto/bn/asm/x86/add.pl76
-rw-r--r--crypto/openssl/crypto/bn/asm/x86/comba.pl277
-rw-r--r--crypto/openssl/crypto/bn/asm/x86/div.pl15
-rw-r--r--crypto/openssl/crypto/bn/asm/x86/f3
-rw-r--r--crypto/openssl/crypto/bn/asm/x86/mul.pl77
-rw-r--r--crypto/openssl/crypto/bn/asm/x86/mul_add.pl87
-rw-r--r--crypto/openssl/crypto/bn/asm/x86/sqr.pl60
-rw-r--r--crypto/openssl/crypto/bn/asm/x86/sub.pl76
-rw-r--r--crypto/openssl/crypto/bn/asm/x86_64-gcc.c597
-rw-r--r--crypto/openssl/crypto/bn/bn.h827
-rw-r--r--crypto/openssl/crypto/bn/bn.mul19
-rw-r--r--crypto/openssl/crypto/bn/bn_add.c313
-rw-r--r--crypto/openssl/crypto/bn/bn_asm.c860
-rw-r--r--crypto/openssl/crypto/bn/bn_blind.c359
-rwxr-xr-xcrypto/openssl/crypto/bn/bn_const.c402
-rw-r--r--crypto/openssl/crypto/bn/bn_ctx.c454
-rw-r--r--crypto/openssl/crypto/bn/bn_depr.c112
-rw-r--r--crypto/openssl/crypto/bn/bn_div.c400
-rw-r--r--crypto/openssl/crypto/bn/bn_err.c151
-rw-r--r--crypto/openssl/crypto/bn/bn_exp.c990
-rw-r--r--crypto/openssl/crypto/bn/bn_exp2.c311
-rw-r--r--crypto/openssl/crypto/bn/bn_gcd.c493
-rw-r--r--crypto/openssl/crypto/bn/bn_gf2m.c1091
-rw-r--r--crypto/openssl/crypto/bn/bn_kron.c184
-rw-r--r--crypto/openssl/crypto/bn/bn_lcl.h489
-rw-r--r--crypto/openssl/crypto/bn/bn_lib.c845
-rw-r--r--crypto/openssl/crypto/bn/bn_mod.c301
-rw-r--r--crypto/openssl/crypto/bn/bn_mont.c437
-rw-r--r--crypto/openssl/crypto/bn/bn_mpi.c130
-rw-r--r--crypto/openssl/crypto/bn/bn_mul.c1164
-rw-r--r--crypto/openssl/crypto/bn/bn_nist.c775
-rw-r--r--crypto/openssl/crypto/bn/bn_prime.c494
-rw-r--r--crypto/openssl/crypto/bn/bn_prime.h325
-rw-r--r--crypto/openssl/crypto/bn/bn_prime.pl117
-rw-r--r--crypto/openssl/crypto/bn/bn_print.c338
-rw-r--r--crypto/openssl/crypto/bn/bn_rand.c305
-rw-r--r--crypto/openssl/crypto/bn/bn_recp.c234
-rw-r--r--crypto/openssl/crypto/bn/bn_shift.c220
-rw-r--r--crypto/openssl/crypto/bn/bn_sqr.c294
-rw-r--r--crypto/openssl/crypto/bn/bn_sqrt.c393
-rw-r--r--crypto/openssl/crypto/bn/bn_word.c247
-rw-r--r--crypto/openssl/crypto/bn/bnspeed.c233
-rw-r--r--crypto/openssl/crypto/bn/bntest.c2011
-rw-r--r--crypto/openssl/crypto/bn/divtest.c41
-rw-r--r--crypto/openssl/crypto/bn/exp.c62
-rw-r--r--crypto/openssl/crypto/bn/expspeed.c353
-rw-r--r--crypto/openssl/crypto/bn/exptest.c204
-rw-r--r--crypto/openssl/crypto/bn/todo3
-rw-r--r--crypto/openssl/crypto/buffer/Makefile90
-rw-r--r--crypto/openssl/crypto/buffer/buf_err.c102
-rw-r--r--crypto/openssl/crypto/buffer/buffer.c221
-rw-r--r--crypto/openssl/crypto/buffer/buffer.h118
-rw-r--r--crypto/openssl/crypto/camellia/Makefile103
-rw-r--r--crypto/openssl/crypto/camellia/camellia.c1688
-rw-r--r--crypto/openssl/crypto/camellia/camellia.h129
-rw-r--r--crypto/openssl/crypto/camellia/cmll_cbc.c234
-rw-r--r--crypto/openssl/crypto/camellia/cmll_cfb.c235
-rw-r--r--crypto/openssl/crypto/camellia/cmll_ctr.c143
-rw-r--r--crypto/openssl/crypto/camellia/cmll_ecb.c74
-rw-r--r--crypto/openssl/crypto/camellia/cmll_locl.h178
-rw-r--r--crypto/openssl/crypto/camellia/cmll_misc.c110
-rw-r--r--crypto/openssl/crypto/camellia/cmll_ofb.c141
-rw-r--r--crypto/openssl/crypto/cast/Makefile106
-rw-r--r--crypto/openssl/crypto/cast/asm/cast-586.pl176
-rw-r--r--crypto/openssl/crypto/cast/asm/readme7
-rw-r--r--crypto/openssl/crypto/cast/c_cfb64.c122
-rw-r--r--crypto/openssl/crypto/cast/c_ecb.c80
-rw-r--r--crypto/openssl/crypto/cast/c_enc.c207
-rw-r--r--crypto/openssl/crypto/cast/c_ofb64.c111
-rw-r--r--crypto/openssl/crypto/cast/c_skey.c166
-rw-r--r--crypto/openssl/crypto/cast/cast.h105
-rw-r--r--crypto/openssl/crypto/cast/cast_lcl.h227
-rw-r--r--crypto/openssl/crypto/cast/cast_s.h585
-rw-r--r--crypto/openssl/crypto/cast/cast_spd.c278
-rw-r--r--crypto/openssl/crypto/cast/castopts.c342
-rw-r--r--crypto/openssl/crypto/cast/casts.cpp70
-rw-r--r--crypto/openssl/crypto/cast/casttest.c233
-rw-r--r--crypto/openssl/crypto/comp/Makefile108
-rw-r--r--crypto/openssl/crypto/comp/c_rle.c62
-rw-r--r--crypto/openssl/crypto/comp/c_zlib.c387
-rw-r--r--crypto/openssl/crypto/comp/comp.h66
-rw-r--r--crypto/openssl/crypto/comp/comp_err.c96
-rw-r--r--crypto/openssl/crypto/comp/comp_lib.c72
-rw-r--r--crypto/openssl/crypto/conf/Makefile152
-rw-r--r--crypto/openssl/crypto/conf/README78
-rw-r--r--crypto/openssl/crypto/conf/cnf_save.c106
-rw-r--r--crypto/openssl/crypto/conf/conf.h253
-rw-r--r--crypto/openssl/crypto/conf/conf_api.c308
-rw-r--r--crypto/openssl/crypto/conf/conf_api.h89
-rw-r--r--crypto/openssl/crypto/conf/conf_def.c750
-rw-r--r--crypto/openssl/crypto/conf/conf_def.h180
-rw-r--r--crypto/openssl/crypto/conf/conf_err.c132
-rw-r--r--crypto/openssl/crypto/conf/conf_lib.c401
-rw-r--r--crypto/openssl/crypto/conf/conf_mall.c80
-rw-r--r--crypto/openssl/crypto/conf/conf_mod.c616
-rw-r--r--crypto/openssl/crypto/conf/conf_sap.c111
-rw-r--r--crypto/openssl/crypto/conf/keysets.pl185
-rw-r--r--crypto/openssl/crypto/conf/ssleay.cnf78
-rw-r--r--crypto/openssl/crypto/conf/test.c98
-rw-r--r--crypto/openssl/crypto/cpt_err.c106
-rw-r--r--crypto/openssl/crypto/cryptlib.c758
-rw-r--r--crypto/openssl/crypto/cryptlib.h112
-rw-r--r--crypto/openssl/crypto/crypto.h550
-rw-r--r--crypto/openssl/crypto/cversion.c117
-rw-r--r--crypto/openssl/crypto/des/COPYRIGHT50
-rw-r--r--crypto/openssl/crypto/des/DES.pm19
-rw-r--r--crypto/openssl/crypto/des/DES.xs268
-rw-r--r--crypto/openssl/crypto/des/FILES096
-rw-r--r--crypto/openssl/crypto/des/INSTALL69
-rw-r--r--crypto/openssl/crypto/des/Imakefile35
-rw-r--r--crypto/openssl/crypto/des/KERBEROS41
-rw-r--r--crypto/openssl/crypto/des/Makefile292
-rw-r--r--crypto/openssl/crypto/des/README54
-rw-r--r--crypto/openssl/crypto/des/VERSION412
-rw-r--r--crypto/openssl/crypto/des/asm/crypt586.pl208
-rw-r--r--crypto/openssl/crypto/des/asm/des-586.pl251
-rw-r--r--crypto/openssl/crypto/des/asm/des686.pl230
-rw-r--r--crypto/openssl/crypto/des/asm/des_enc.m41980
-rw-r--r--crypto/openssl/crypto/des/asm/desboth.pl79
-rw-r--r--crypto/openssl/crypto/des/asm/readme131
-rw-r--r--crypto/openssl/crypto/des/cbc3_enc.c99
-rw-r--r--crypto/openssl/crypto/des/cbc_cksm.c106
-rw-r--r--crypto/openssl/crypto/des/cbc_enc.c61
-rw-r--r--crypto/openssl/crypto/des/cfb64ede.c254
-rw-r--r--crypto/openssl/crypto/des/cfb64enc.c121
-rw-r--r--crypto/openssl/crypto/des/cfb_enc.c195
-rw-r--r--crypto/openssl/crypto/des/des.c932
-rw-r--r--crypto/openssl/crypto/des/des.h244
-rw-r--r--crypto/openssl/crypto/des/des.pod217
-rw-r--r--crypto/openssl/crypto/des/des3s.cpp67
-rw-r--r--crypto/openssl/crypto/des/des_enc.c407
-rw-r--r--crypto/openssl/crypto/des/des_locl.h428
-rw-r--r--crypto/openssl/crypto/des/des_old.c271
-rw-r--r--crypto/openssl/crypto/des/des_old.h445
-rw-r--r--crypto/openssl/crypto/des/des_old2.c82
-rw-r--r--crypto/openssl/crypto/des/des_opts.c608
-rw-r--r--crypto/openssl/crypto/des/des_ver.h71
-rw-r--r--crypto/openssl/crypto/des/dess.cpp67
-rw-r--r--crypto/openssl/crypto/des/destest.c952
-rw-r--r--crypto/openssl/crypto/des/ecb3_enc.c83
-rw-r--r--crypto/openssl/crypto/des/ecb_enc.c123
-rw-r--r--crypto/openssl/crypto/des/ede_cbcm_enc.c199
-rw-r--r--crypto/openssl/crypto/des/enc_read.c228
-rw-r--r--crypto/openssl/crypto/des/enc_writ.c171
-rw-r--r--crypto/openssl/crypto/des/fcrypt.c170
-rw-r--r--crypto/openssl/crypto/des/fcrypt_b.c145
-rw-r--r--crypto/openssl/crypto/des/makefile.bc50
-rw-r--r--crypto/openssl/crypto/des/ncbc_enc.c148
-rw-r--r--crypto/openssl/crypto/des/ofb64ede.c125
-rw-r--r--crypto/openssl/crypto/des/ofb64enc.c110
-rw-r--r--crypto/openssl/crypto/des/ofb_enc.c135
-rw-r--r--crypto/openssl/crypto/des/options.txt39
-rw-r--r--crypto/openssl/crypto/des/pcbc_enc.c123
-rw-r--r--crypto/openssl/crypto/des/qud_cksm.c139
-rw-r--r--crypto/openssl/crypto/des/rand_key.c68
-rw-r--r--crypto/openssl/crypto/des/read2pwd.c140
-rw-r--r--crypto/openssl/crypto/des/read_pwd.c521
-rw-r--r--crypto/openssl/crypto/des/rpc_des.h131
-rw-r--r--crypto/openssl/crypto/des/rpc_enc.c98
-rw-r--r--crypto/openssl/crypto/des/rpw.c99
-rw-r--r--crypto/openssl/crypto/des/set_key.c407
-rw-r--r--crypto/openssl/crypto/des/speed.c314
-rw-r--r--crypto/openssl/crypto/des/spr.h204
-rw-r--r--crypto/openssl/crypto/des/str2key.c174
-rw-r--r--crypto/openssl/crypto/des/t/test27
-rw-r--r--crypto/openssl/crypto/des/times/486-50.sol16
-rw-r--r--crypto/openssl/crypto/des/times/586-100.lnx20
-rw-r--r--crypto/openssl/crypto/des/times/686-200.fre18
-rw-r--r--crypto/openssl/crypto/des/times/aix.cc26
-rw-r--r--crypto/openssl/crypto/des/times/alpha.cc18
-rw-r--r--crypto/openssl/crypto/des/times/hpux.cc17
-rw-r--r--crypto/openssl/crypto/des/times/sparc.gcc17
-rw-r--r--crypto/openssl/crypto/des/times/usparc.cc31
-rw-r--r--crypto/openssl/crypto/des/typemap34
-rw-r--r--crypto/openssl/crypto/des/xcbc_enc.c195
-rw-r--r--crypto/openssl/crypto/dh/Makefile133
-rw-r--r--crypto/openssl/crypto/dh/dh.h234
-rw-r--r--crypto/openssl/crypto/dh/dh1024.pem5
-rw-r--r--crypto/openssl/crypto/dh/dh192.pem3
-rw-r--r--crypto/openssl/crypto/dh/dh2048.pem16
-rw-r--r--crypto/openssl/crypto/dh/dh4096.pem14
-rw-r--r--crypto/openssl/crypto/dh/dh512.pem4
-rw-r--r--crypto/openssl/crypto/dh/dh_asn1.c87
-rw-r--r--crypto/openssl/crypto/dh/dh_check.c142
-rw-r--r--crypto/openssl/crypto/dh/dh_depr.c83
-rw-r--r--crypto/openssl/crypto/dh/dh_err.c107
-rw-r--r--crypto/openssl/crypto/dh/dh_gen.c175
-rw-r--r--crypto/openssl/crypto/dh/dh_lib.c247
-rw-r--r--crypto/openssl/crypto/dh/dhtest.c226
-rw-r--r--crypto/openssl/crypto/dh/example50
-rw-r--r--crypto/openssl/crypto/dh/generate65
-rw-r--r--crypto/openssl/crypto/dh/p1024.c92
-rw-r--r--crypto/openssl/crypto/dh/p192.c80
-rw-r--r--crypto/openssl/crypto/dh/p512.c85
-rw-r--r--crypto/openssl/crypto/dsa/Makefile164
-rw-r--r--crypto/openssl/crypto/dsa/README4
-rw-r--r--crypto/openssl/crypto/dsa/dsa.h285
-rw-r--r--crypto/openssl/crypto/dsa/dsa_asn1.c140
-rw-r--r--crypto/openssl/crypto/dsa/dsa_depr.c106
-rw-r--r--crypto/openssl/crypto/dsa/dsa_err.c114
-rw-r--r--crypto/openssl/crypto/dsa/dsa_gen.c315
-rw-r--r--crypto/openssl/crypto/dsa/dsa_key.c128
-rw-r--r--crypto/openssl/crypto/dsa/dsa_lib.c311
-rw-r--r--crypto/openssl/crypto/dsa/dsa_ossl.c393
-rw-r--r--crypto/openssl/crypto/dsa/dsa_sign.c92
-rw-r--r--crypto/openssl/crypto/dsa/dsa_vrf.c94
-rw-r--r--crypto/openssl/crypto/dsa/dsagen.c111
-rw-r--r--crypto/openssl/crypto/dsa/dsatest.c260
-rw-r--r--crypto/openssl/crypto/dsa/fips186a.txt122
-rw-r--r--crypto/openssl/crypto/dso/Makefile142
-rw-r--r--crypto/openssl/crypto/dso/README22
-rw-r--r--crypto/openssl/crypto/dso/dso.h368
-rw-r--r--crypto/openssl/crypto/dso/dso_dl.c353
-rw-r--r--crypto/openssl/crypto/dso/dso_dlfcn.c369
-rw-r--r--crypto/openssl/crypto/dso/dso_err.c150
-rw-r--r--crypto/openssl/crypto/dso/dso_lib.c466
-rw-r--r--crypto/openssl/crypto/dso/dso_null.c88
-rw-r--r--crypto/openssl/crypto/dso/dso_openssl.c81
-rw-r--r--crypto/openssl/crypto/ebcdic.c221
-rw-r--r--crypto/openssl/crypto/ebcdic.h19
-rw-r--r--crypto/openssl/crypto/ec/Makefile193
-rw-r--r--crypto/openssl/crypto/ec/ec.h525
-rw-r--r--crypto/openssl/crypto/ec/ec2_mult.c380
-rw-r--r--crypto/openssl/crypto/ec/ec2_smpl.c971
-rw-r--r--crypto/openssl/crypto/ec/ec2_smpt.c141
-rw-r--r--crypto/openssl/crypto/ec/ec_asn1.c1425
-rw-r--r--crypto/openssl/crypto/ec/ec_check.c123
-rw-r--r--crypto/openssl/crypto/ec/ec_curve.c1270
-rw-r--r--crypto/openssl/crypto/ec/ec_cvt.c144
-rw-r--r--crypto/openssl/crypto/ec/ec_err.c241
-rw-r--r--crypto/openssl/crypto/ec/ec_key.c465
-rw-r--r--crypto/openssl/crypto/ec/ec_lcl.h390
-rw-r--r--crypto/openssl/crypto/ec/ec_lib.c1164
-rw-r--r--crypto/openssl/crypto/ec/ec_mult.c910
-rw-r--r--crypto/openssl/crypto/ec/ec_print.c195
-rw-r--r--crypto/openssl/crypto/ec/ecp_mont.c315
-rw-r--r--crypto/openssl/crypto/ec/ecp_nist.c236
-rw-r--r--crypto/openssl/crypto/ec/ecp_recp.c133
-rw-r--r--crypto/openssl/crypto/ec/ecp_smpl.c1716
-rw-r--r--crypto/openssl/crypto/ec/ectest.c1336
-rw-r--r--crypto/openssl/crypto/ecdh/Makefile111
-rw-r--r--crypto/openssl/crypto/ecdh/ecdh.h123
-rw-r--r--crypto/openssl/crypto/ecdh/ecdhtest.c368
-rw-r--r--crypto/openssl/crypto/ecdh/ech_err.c101
-rw-r--r--crypto/openssl/crypto/ecdh/ech_key.c83
-rw-r--r--crypto/openssl/crypto/ecdh/ech_lib.c247
-rw-r--r--crypto/openssl/crypto/ecdh/ech_locl.h94
-rw-r--r--crypto/openssl/crypto/ecdh/ech_ossl.c213
-rw-r--r--crypto/openssl/crypto/ecdsa/Makefile125
-rw-r--r--crypto/openssl/crypto/ecdsa/ecdsa.h270
-rw-r--r--crypto/openssl/crypto/ecdsa/ecdsatest.c500
-rw-r--r--crypto/openssl/crypto/ecdsa/ecs_asn1.c67
-rw-r--r--crypto/openssl/crypto/ecdsa/ecs_err.c106
-rw-r--r--crypto/openssl/crypto/ecdsa/ecs_lib.c261
-rw-r--r--crypto/openssl/crypto/ecdsa/ecs_locl.h107
-rw-r--r--crypto/openssl/crypto/ecdsa/ecs_ossl.c442
-rw-r--r--crypto/openssl/crypto/ecdsa/ecs_sign.c104
-rw-r--r--crypto/openssl/crypto/ecdsa/ecs_vrf.c96
-rw-r--r--crypto/openssl/crypto/engine/Makefile288
-rw-r--r--crypto/openssl/crypto/engine/README211
-rw-r--r--crypto/openssl/crypto/engine/eng_all.c120
-rw-r--r--crypto/openssl/crypto/engine/eng_cnf.c239
-rw-r--r--crypto/openssl/crypto/engine/eng_cryptodev.c1133
-rw-r--r--crypto/openssl/crypto/engine/eng_ctrl.c389
-rw-r--r--crypto/openssl/crypto/engine/eng_dyn.c548
-rw-r--r--crypto/openssl/crypto/engine/eng_err.c171
-rw-r--r--crypto/openssl/crypto/engine/eng_fat.c167
-rw-r--r--crypto/openssl/crypto/engine/eng_init.c154
-rw-r--r--crypto/openssl/crypto/engine/eng_int.h194
-rw-r--r--crypto/openssl/crypto/engine/eng_lib.c329
-rw-r--r--crypto/openssl/crypto/engine/eng_list.c431
-rw-r--r--crypto/openssl/crypto/engine/eng_openssl.c384
-rw-r--r--crypto/openssl/crypto/engine/eng_padlock.c1216
-rw-r--r--crypto/openssl/crypto/engine/eng_pkey.c154
-rw-r--r--crypto/openssl/crypto/engine/eng_table.c315
-rw-r--r--crypto/openssl/crypto/engine/engine.h785
-rw-r--r--crypto/openssl/crypto/engine/enginetest.c283
-rw-r--r--crypto/openssl/crypto/engine/hw.ec8
-rw-r--r--crypto/openssl/crypto/engine/hw_4758_cca.c969
-rw-r--r--crypto/openssl/crypto/engine/hw_4758_cca_err.c149
-rw-r--r--crypto/openssl/crypto/engine/hw_4758_cca_err.h93
-rw-r--r--crypto/openssl/crypto/engine/hw_aep.c1119
-rw-r--r--crypto/openssl/crypto/engine/hw_aep_err.c157
-rw-r--r--crypto/openssl/crypto/engine/hw_aep_err.h101
-rw-r--r--crypto/openssl/crypto/engine/hw_atalla.c594
-rw-r--r--crypto/openssl/crypto/engine/hw_atalla_err.c145
-rw-r--r--crypto/openssl/crypto/engine/hw_atalla_err.h89
-rw-r--r--crypto/openssl/crypto/engine/hw_cryptodev.c1135
-rw-r--r--crypto/openssl/crypto/engine/hw_cswift.c997
-rw-r--r--crypto/openssl/crypto/engine/hw_cswift_err.c149
-rw-r--r--crypto/openssl/crypto/engine/hw_cswift_err.h93
-rw-r--r--crypto/openssl/crypto/engine/hw_ncipher.c1388
-rw-r--r--crypto/openssl/crypto/engine/hw_ncipher_err.c157
-rw-r--r--crypto/openssl/crypto/engine/hw_ncipher_err.h101
-rw-r--r--crypto/openssl/crypto/engine/hw_nuron.c418
-rw-r--r--crypto/openssl/crypto/engine/hw_nuron_err.c142
-rw-r--r--crypto/openssl/crypto/engine/hw_nuron_err.h86
-rw-r--r--crypto/openssl/crypto/engine/hw_sureware.c1039
-rw-r--r--crypto/openssl/crypto/engine/hw_sureware_err.c150
-rw-r--r--crypto/openssl/crypto/engine/hw_sureware_err.h94
-rw-r--r--crypto/openssl/crypto/engine/hw_ubsec.c1060
-rw-r--r--crypto/openssl/crypto/engine/hw_ubsec_err.c151
-rw-r--r--crypto/openssl/crypto/engine/hw_ubsec_err.h95
-rw-r--r--crypto/openssl/crypto/engine/tb_cipher.c143
-rw-r--r--crypto/openssl/crypto/engine/tb_dh.c118
-rw-r--r--crypto/openssl/crypto/engine/tb_digest.c143
-rw-r--r--crypto/openssl/crypto/engine/tb_dsa.c118
-rw-r--r--crypto/openssl/crypto/engine/tb_ecdh.c133
-rw-r--r--crypto/openssl/crypto/engine/tb_ecdsa.c118
-rw-r--r--crypto/openssl/crypto/engine/tb_rand.c118
-rw-r--r--crypto/openssl/crypto/engine/tb_rsa.c118
-rw-r--r--crypto/openssl/crypto/engine/tb_store.c123
-rw-r--r--crypto/openssl/crypto/engine/vendor_defns/aep.h178
-rw-r--r--crypto/openssl/crypto/engine/vendor_defns/atalla.h48
-rw-r--r--crypto/openssl/crypto/engine/vendor_defns/cswift.h234
-rw-r--r--crypto/openssl/crypto/engine/vendor_defns/hw_4758_cca.h149
-rw-r--r--crypto/openssl/crypto/engine/vendor_defns/hw_ubsec.h100
-rw-r--r--crypto/openssl/crypto/engine/vendor_defns/hwcryptohook.h486
-rw-r--r--crypto/openssl/crypto/engine/vendor_defns/sureware.h239
-rw-r--r--crypto/openssl/crypto/err/Makefile109
-rw-r--r--crypto/openssl/crypto/err/err.c1128
-rw-r--r--crypto/openssl/crypto/err/err.h318
-rw-r--r--crypto/openssl/crypto/err/err_all.c146
-rw-r--r--crypto/openssl/crypto/err/err_prn.c111
-rw-r--r--crypto/openssl/crypto/err/openssl.ec85
-rw-r--r--crypto/openssl/crypto/evp/Makefile638
-rw-r--r--crypto/openssl/crypto/evp/bio_b64.c567
-rw-r--r--crypto/openssl/crypto/evp/bio_enc.c426
-rw-r--r--crypto/openssl/crypto/evp/bio_md.c263
-rw-r--r--crypto/openssl/crypto/evp/bio_ok.c575
-rw-r--r--crypto/openssl/crypto/evp/c_all.c90
-rw-r--r--crypto/openssl/crypto/evp/c_allc.c216
-rw-r--r--crypto/openssl/crypto/evp/c_alld.c114
-rw-r--r--crypto/openssl/crypto/evp/digest.c334
-rw-r--r--crypto/openssl/crypto/evp/e_aes.c120
-rw-r--r--crypto/openssl/crypto/evp/e_bf.c88
-rw-r--r--crypto/openssl/crypto/evp/e_camellia.c131
-rw-r--r--crypto/openssl/crypto/evp/e_cast.c90
-rw-r--r--crypto/openssl/crypto/evp/e_des.c176
-rw-r--r--crypto/openssl/crypto/evp/e_des3.c271
-rw-r--r--crypto/openssl/crypto/evp/e_dsa.c71
-rw-r--r--crypto/openssl/crypto/evp/e_idea.c118
-rw-r--r--crypto/openssl/crypto/evp/e_null.c102
-rw-r--r--crypto/openssl/crypto/evp/e_old.c125
-rw-r--r--crypto/openssl/crypto/evp/e_rc2.c232
-rw-r--r--crypto/openssl/crypto/evp/e_rc4.c136
-rw-r--r--crypto/openssl/crypto/evp/e_rc5.c126
-rw-r--r--crypto/openssl/crypto/evp/e_xcbc_d.c125
-rw-r--r--crypto/openssl/crypto/evp/encode.c446
-rw-r--r--crypto/openssl/crypto/evp/evp.h966
-rw-r--r--crypto/openssl/crypto/evp/evp_acnf.c73
-rw-r--r--crypto/openssl/crypto/evp/evp_enc.c563
-rw-r--r--crypto/openssl/crypto/evp/evp_err.c177
-rw-r--r--crypto/openssl/crypto/evp/evp_key.c175
-rw-r--r--crypto/openssl/crypto/evp/evp_lib.c170
-rw-r--r--crypto/openssl/crypto/evp/evp_locl.h236
-rw-r--r--crypto/openssl/crypto/evp/evp_pbe.c137
-rw-r--r--crypto/openssl/crypto/evp/evp_pkey.c794
-rw-r--r--crypto/openssl/crypto/evp/evp_test.c442
-rw-r--r--crypto/openssl/crypto/evp/evptests.txt312
-rw-r--r--crypto/openssl/crypto/evp/m_dss.c99
-rw-r--r--crypto/openssl/crypto/evp/m_dss1.c100
-rw-r--r--crypto/openssl/crypto/evp/m_ecdsa.c148
-rw-r--r--crypto/openssl/crypto/evp/m_md2.c101
-rw-r--r--crypto/openssl/crypto/evp/m_md4.c101
-rw-r--r--crypto/openssl/crypto/evp/m_md5.c101
-rw-r--r--crypto/openssl/crypto/evp/m_mdc2.c99
-rw-r--r--crypto/openssl/crypto/evp/m_null.c95
-rw-r--r--crypto/openssl/crypto/evp/m_ripemd.c101
-rw-r--r--crypto/openssl/crypto/evp/m_sha.c100
-rw-r--r--crypto/openssl/crypto/evp/m_sha1.c204
-rw-r--r--crypto/openssl/crypto/evp/names.c123
-rw-r--r--crypto/openssl/crypto/evp/openbsd_hw.c446
-rw-r--r--crypto/openssl/crypto/evp/p5_crpt.c159
-rw-r--r--crypto/openssl/crypto/evp/p5_crpt2.c263
-rw-r--r--crypto/openssl/crypto/evp/p_dec.c87
-rw-r--r--crypto/openssl/crypto/evp/p_enc.c86
-rw-r--r--crypto/openssl/crypto/evp/p_lib.c502
-rw-r--r--crypto/openssl/crypto/evp/p_open.c127
-rw-r--r--crypto/openssl/crypto/evp/p_seal.c115
-rw-r--r--crypto/openssl/crypto/evp/p_sign.c114
-rw-r--r--crypto/openssl/crypto/evp/p_verify.c101
-rw-r--r--crypto/openssl/crypto/ex_data.c632
-rw-r--r--crypto/openssl/crypto/hmac/Makefile85
-rw-r--r--crypto/openssl/crypto/hmac/hmac.c173
-rw-r--r--crypto/openssl/crypto/hmac/hmac.h108
-rw-r--r--crypto/openssl/crypto/hmac/hmactest.c175
-rw-r--r--crypto/openssl/crypto/ia64cpuid.S121
-rw-r--r--crypto/openssl/crypto/idea/Makefile86
-rw-r--r--crypto/openssl/crypto/idea/i_cbc.c168
-rw-r--r--crypto/openssl/crypto/idea/i_cfb64.c122
-rw-r--r--crypto/openssl/crypto/idea/i_ecb.c85
-rw-r--r--crypto/openssl/crypto/idea/i_ofb64.c111
-rw-r--r--crypto/openssl/crypto/idea/i_skey.c157
-rw-r--r--crypto/openssl/crypto/idea/idea.h100
-rw-r--r--crypto/openssl/crypto/idea/idea_lcl.h215
-rw-r--r--crypto/openssl/crypto/idea/idea_spd.c299
-rw-r--r--crypto/openssl/crypto/idea/ideatest.c235
-rw-r--r--crypto/openssl/crypto/idea/version12
-rw-r--r--crypto/openssl/crypto/krb5/Makefile84
-rw-r--r--crypto/openssl/crypto/krb5/krb5_asn.c167
-rw-r--r--crypto/openssl/crypto/krb5/krb5_asn.h256
-rw-r--r--crypto/openssl/crypto/lhash/Makefile88
-rw-r--r--crypto/openssl/crypto/lhash/lh_stats.c248
-rw-r--r--crypto/openssl/crypto/lhash/lh_test.c88
-rw-r--r--crypto/openssl/crypto/lhash/lhash.c470
-rw-r--r--crypto/openssl/crypto/lhash/lhash.h200
-rw-r--r--crypto/openssl/crypto/lhash/num.pl17
-rw-r--r--crypto/openssl/crypto/md2/Makefile89
-rw-r--r--crypto/openssl/crypto/md2/md2.c124
-rw-r--r--crypto/openssl/crypto/md2/md2.h91
-rw-r--r--crypto/openssl/crypto/md2/md2_dgst.c227
-rw-r--r--crypto/openssl/crypto/md2/md2_one.c94
-rw-r--r--crypto/openssl/crypto/md2/md2test.c143
-rw-r--r--crypto/openssl/crypto/md32_common.h623
-rw-r--r--crypto/openssl/crypto/md4/Makefile86
-rw-r--r--crypto/openssl/crypto/md4/md4.c127
-rw-r--r--crypto/openssl/crypto/md4/md4.h116
-rw-r--r--crypto/openssl/crypto/md4/md4_dgst.c258
-rw-r--r--crypto/openssl/crypto/md4/md4_locl.h156
-rw-r--r--crypto/openssl/crypto/md4/md4_one.c97
-rw-r--r--crypto/openssl/crypto/md4/md4s.cpp78
-rw-r--r--crypto/openssl/crypto/md4/md4test.c136
-rw-r--r--crypto/openssl/crypto/md5/Makefile120
-rw-r--r--crypto/openssl/crypto/md5/asm/md5-586.pl306
-rw-r--r--crypto/openssl/crypto/md5/asm/md5-sparcv9.S1031
-rwxr-xr-xcrypto/openssl/crypto/md5/asm/md5-x86_64.pl245
-rw-r--r--crypto/openssl/crypto/md5/md5.c127
-rw-r--r--crypto/openssl/crypto/md5/md5.h116
-rw-r--r--crypto/openssl/crypto/md5/md5_dgst.c292
-rw-r--r--crypto/openssl/crypto/md5/md5_locl.h176
-rw-r--r--crypto/openssl/crypto/md5/md5_one.c97
-rw-r--r--crypto/openssl/crypto/md5/md5s.cpp78
-rw-r--r--crypto/openssl/crypto/md5/md5test.c140
-rw-r--r--crypto/openssl/crypto/mdc2/Makefile93
-rw-r--r--crypto/openssl/crypto/mdc2/mdc2.h95
-rw-r--r--crypto/openssl/crypto/mdc2/mdc2_one.c76
-rw-r--r--crypto/openssl/crypto/mdc2/mdc2dgst.c199
-rw-r--r--crypto/openssl/crypto/mdc2/mdc2test.c149
-rw-r--r--crypto/openssl/crypto/mem.c401
-rw-r--r--crypto/openssl/crypto/mem_clr.c75
-rw-r--r--crypto/openssl/crypto/mem_dbg.c795
-rw-r--r--crypto/openssl/crypto/o_dir.c83
-rw-r--r--crypto/openssl/crypto/o_dir.h53
-rw-r--r--crypto/openssl/crypto/o_dir_test.c70
-rw-r--r--crypto/openssl/crypto/o_str.c105
-rw-r--r--crypto/openssl/crypto/o_str.h68
-rw-r--r--crypto/openssl/crypto/o_time.c217
-rw-r--r--crypto/openssl/crypto/o_time.h66
-rw-r--r--crypto/openssl/crypto/objects/Makefile119
-rw-r--r--crypto/openssl/crypto/objects/o_names.c369
-rw-r--r--crypto/openssl/crypto/objects/obj_dat.c785
-rw-r--r--crypto/openssl/crypto/objects/obj_dat.h4251
-rw-r--r--crypto/openssl/crypto/objects/obj_dat.pl307
-rw-r--r--crypto/openssl/crypto/objects/obj_err.c105
-rw-r--r--crypto/openssl/crypto/objects/obj_lib.c128
-rw-r--r--crypto/openssl/crypto/objects/obj_mac.h3393
-rw-r--r--crypto/openssl/crypto/objects/obj_mac.num768
-rw-r--r--crypto/openssl/crypto/objects/objects.README44
-rw-r--r--crypto/openssl/crypto/objects/objects.h1049
-rw-r--r--crypto/openssl/crypto/objects/objects.pl229
-rw-r--r--crypto/openssl/crypto/objects/objects.txt1087
-rw-r--r--crypto/openssl/crypto/ocsp/Makefile213
-rw-r--r--crypto/openssl/crypto/ocsp/ocsp.h614
-rw-r--r--crypto/openssl/crypto/ocsp/ocsp_asn.c182
-rwxr-xr-xcrypto/openssl/crypto/ocsp/ocsp_cl.c372
-rw-r--r--crypto/openssl/crypto/ocsp/ocsp_err.c143
-rwxr-xr-xcrypto/openssl/crypto/ocsp/ocsp_ext.c545
-rw-r--r--crypto/openssl/crypto/ocsp/ocsp_ht.c173
-rwxr-xr-xcrypto/openssl/crypto/ocsp/ocsp_lib.c262
-rw-r--r--crypto/openssl/crypto/ocsp/ocsp_prn.c291
-rwxr-xr-xcrypto/openssl/crypto/ocsp/ocsp_srv.c264
-rw-r--r--crypto/openssl/crypto/ocsp/ocsp_vfy.c444
-rw-r--r--crypto/openssl/crypto/opensslconf.h208
-rw-r--r--crypto/openssl/crypto/opensslconf.h.in159
-rw-r--r--crypto/openssl/crypto/opensslv.h89
-rw-r--r--crypto/openssl/crypto/ossl_typ.h174
-rw-r--r--crypto/openssl/crypto/pem/Makefile241
-rw-r--r--crypto/openssl/crypto/pem/message16
-rw-r--r--crypto/openssl/crypto/pem/pem.h737
-rw-r--r--crypto/openssl/crypto/pem/pem2.h70
-rw-r--r--crypto/openssl/crypto/pem/pem_all.c308
-rw-r--r--crypto/openssl/crypto/pem/pem_err.c138
-rw-r--r--crypto/openssl/crypto/pem/pem_info.c397
-rw-r--r--crypto/openssl/crypto/pem/pem_lib.c778
-rw-r--r--crypto/openssl/crypto/pem/pem_oth.c86
-rw-r--r--crypto/openssl/crypto/pem/pem_pk8.c242
-rw-r--r--crypto/openssl/crypto/pem/pem_pkey.c148
-rw-r--r--crypto/openssl/crypto/pem/pem_seal.c189
-rw-r--r--crypto/openssl/crypto/pem/pem_sign.c102
-rw-r--r--crypto/openssl/crypto/pem/pem_x509.c69
-rw-r--r--crypto/openssl/crypto/pem/pem_xaux.c69
-rw-r--r--crypto/openssl/crypto/pem/pkcs7.lis22
-rw-r--r--crypto/openssl/crypto/perlasm/alpha.pl434
-rw-r--r--crypto/openssl/crypto/perlasm/cbc.pl351
-rw-r--r--crypto/openssl/crypto/perlasm/readme124
-rwxr-xr-xcrypto/openssl/crypto/perlasm/x86_64-xlate.pl506
-rw-r--r--crypto/openssl/crypto/perlasm/x86asm.pl130
-rw-r--r--crypto/openssl/crypto/perlasm/x86ms.pl464
-rw-r--r--crypto/openssl/crypto/perlasm/x86nasm.pl451
-rw-r--r--crypto/openssl/crypto/perlasm/x86unix.pl761
-rw-r--r--crypto/openssl/crypto/pkcs12/Makefile286
-rw-r--r--crypto/openssl/crypto/pkcs12/p12_add.c224
-rw-r--r--crypto/openssl/crypto/pkcs12/p12_asn.c125
-rw-r--r--crypto/openssl/crypto/pkcs12/p12_attr.c145
-rw-r--r--crypto/openssl/crypto/pkcs12/p12_crpt.c130
-rw-r--r--crypto/openssl/crypto/pkcs12/p12_crt.c348
-rw-r--r--crypto/openssl/crypto/pkcs12/p12_decr.c177
-rw-r--r--crypto/openssl/crypto/pkcs12/p12_init.c92
-rw-r--r--crypto/openssl/crypto/pkcs12/p12_key.c206
-rw-r--r--crypto/openssl/crypto/pkcs12/p12_kiss.c297
-rw-r--r--crypto/openssl/crypto/pkcs12/p12_mutl.c182
-rw-r--r--crypto/openssl/crypto/pkcs12/p12_npas.c216
-rw-r--r--crypto/openssl/crypto/pkcs12/p12_p8d.c68
-rw-r--r--crypto/openssl/crypto/pkcs12/p12_p8e.c97
-rw-r--r--crypto/openssl/crypto/pkcs12/p12_utl.c146
-rw-r--r--crypto/openssl/crypto/pkcs12/pk12err.c147
-rw-r--r--crypto/openssl/crypto/pkcs12/pkcs12.h333
-rw-r--r--crypto/openssl/crypto/pkcs7/Makefile187
-rw-r--r--crypto/openssl/crypto/pkcs7/bio_ber.c466
-rw-r--r--crypto/openssl/crypto/pkcs7/dec.c248
-rw-r--r--crypto/openssl/crypto/pkcs7/des.pem15
-rw-r--r--crypto/openssl/crypto/pkcs7/doc24
-rw-r--r--crypto/openssl/crypto/pkcs7/enc.c174
-rw-r--r--crypto/openssl/crypto/pkcs7/es1.pem66
-rw-r--r--crypto/openssl/crypto/pkcs7/example.c329
-rw-r--r--crypto/openssl/crypto/pkcs7/example.h57
-rw-r--r--crypto/openssl/crypto/pkcs7/info.pem57
-rw-r--r--crypto/openssl/crypto/pkcs7/infokey.pem9
-rw-r--r--crypto/openssl/crypto/pkcs7/p7/a12
-rw-r--r--crypto/openssl/crypto/pkcs7/p7/a21
-rw-r--r--crypto/openssl/crypto/pkcs7/p7/cert.p7cbin1728 -> 0 bytes
-rw-r--r--crypto/openssl/crypto/pkcs7/p7/smime.p7mbin4894 -> 0 bytes
-rw-r--r--crypto/openssl/crypto/pkcs7/p7/smime.p7sbin2625 -> 0 bytes
-rw-r--r--crypto/openssl/crypto/pkcs7/pk7_asn1.c214
-rw-r--r--crypto/openssl/crypto/pkcs7/pk7_attr.c141
-rw-r--r--crypto/openssl/crypto/pkcs7/pk7_dgst.c66
-rw-r--r--crypto/openssl/crypto/pkcs7/pk7_doit.c1106
-rw-r--r--crypto/openssl/crypto/pkcs7/pk7_enc.c76
-rw-r--r--crypto/openssl/crypto/pkcs7/pk7_lib.c561
-rw-r--r--crypto/openssl/crypto/pkcs7/pk7_mime.c773
-rw-r--r--crypto/openssl/crypto/pkcs7/pk7_smime.c480
-rw-r--r--crypto/openssl/crypto/pkcs7/pkcs7.h464
-rw-r--r--crypto/openssl/crypto/pkcs7/pkcs7err.c170
-rw-r--r--crypto/openssl/crypto/pkcs7/server.pem24
-rw-r--r--crypto/openssl/crypto/pkcs7/sign.c154
-rw-r--r--crypto/openssl/crypto/pkcs7/t/3des.pem16
-rw-r--r--crypto/openssl/crypto/pkcs7/t/3dess.pem32
-rw-r--r--crypto/openssl/crypto/pkcs7/t/c.pem48
-rw-r--r--crypto/openssl/crypto/pkcs7/t/ff32
-rw-r--r--crypto/openssl/crypto/pkcs7/t/msie-e20
-rw-r--r--crypto/openssl/crypto/pkcs7/t/msie-e.pem22
-rw-r--r--crypto/openssl/crypto/pkcs7/t/msie-enc-0162
-rw-r--r--crypto/openssl/crypto/pkcs7/t/msie-enc-01.pem66
-rw-r--r--crypto/openssl/crypto/pkcs7/t/msie-enc-0290
-rw-r--r--crypto/openssl/crypto/pkcs7/t/msie-enc-02.pem106
-rw-r--r--crypto/openssl/crypto/pkcs7/t/msie-s-a-e91
-rw-r--r--crypto/openssl/crypto/pkcs7/t/msie-s-a-e.pem106
-rw-r--r--crypto/openssl/crypto/pkcs7/t/nav-smime157
-rw-r--r--crypto/openssl/crypto/pkcs7/t/s.pem57
-rw-r--r--crypto/openssl/crypto/pkcs7/t/server.pem57
-rw-r--r--crypto/openssl/crypto/pkcs7/verify.c263
-rw-r--r--crypto/openssl/crypto/pqueue/Makefile84
-rw-r--r--crypto/openssl/crypto/pqueue/pq_compat.h147
-rw-r--r--crypto/openssl/crypto/pqueue/pq_test.c95
-rw-r--r--crypto/openssl/crypto/pqueue/pqueue.c236
-rw-r--r--crypto/openssl/crypto/pqueue/pqueue.h95
-rw-r--r--crypto/openssl/crypto/rand/Makefile159
-rw-r--r--crypto/openssl/crypto/rand/md_rand.c572
-rw-r--r--crypto/openssl/crypto/rand/rand.h140
-rw-r--r--crypto/openssl/crypto/rand/rand_egd.c303
-rw-r--r--crypto/openssl/crypto/rand/rand_err.c99
-rwxr-xr-xcrypto/openssl/crypto/rand/rand_lcl.h158
-rw-r--r--crypto/openssl/crypto/rand/rand_lib.c176
-rw-r--r--crypto/openssl/crypto/rand/rand_nw.c176
-rw-r--r--crypto/openssl/crypto/rand/rand_os2.c147
-rw-r--r--crypto/openssl/crypto/rand/rand_unix.c330
-rw-r--r--crypto/openssl/crypto/rand/rand_vms.c136
-rw-r--r--crypto/openssl/crypto/rand/rand_win.c758
-rw-r--r--crypto/openssl/crypto/rand/randfile.c285
-rw-r--r--crypto/openssl/crypto/rand/randtest.c219
-rw-r--r--crypto/openssl/crypto/rc2/Makefile86
-rw-r--r--crypto/openssl/crypto/rc2/rc2.h101
-rw-r--r--crypto/openssl/crypto/rc2/rc2_cbc.c226
-rw-r--r--crypto/openssl/crypto/rc2/rc2_ecb.c88
-rw-r--r--crypto/openssl/crypto/rc2/rc2_locl.h156
-rw-r--r--crypto/openssl/crypto/rc2/rc2_skey.c145
-rw-r--r--crypto/openssl/crypto/rc2/rc2cfb64.c122
-rw-r--r--crypto/openssl/crypto/rc2/rc2ofb64.c111
-rw-r--r--crypto/openssl/crypto/rc2/rc2speed.c277
-rw-r--r--crypto/openssl/crypto/rc2/rc2test.c274
-rw-r--r--crypto/openssl/crypto/rc2/rrc2.doc219
-rw-r--r--crypto/openssl/crypto/rc2/tab.c86
-rw-r--r--crypto/openssl/crypto/rc2/version22
-rw-r--r--crypto/openssl/crypto/rc4/Makefile115
-rw-r--r--crypto/openssl/crypto/rc4/asm/rc4-586.pl230
-rw-r--r--crypto/openssl/crypto/rc4/asm/rc4-ia64.S160
-rwxr-xr-xcrypto/openssl/crypto/rc4/asm/rc4-x86_64.pl240
-rw-r--r--crypto/openssl/crypto/rc4/rc4.c193
-rw-r--r--crypto/openssl/crypto/rc4/rc4.h87
-rw-r--r--crypto/openssl/crypto/rc4/rc4_enc.c315
-rw-r--r--crypto/openssl/crypto/rc4/rc4_locl.h5
-rw-r--r--crypto/openssl/crypto/rc4/rc4_skey.c150
-rw-r--r--crypto/openssl/crypto/rc4/rc4s.cpp73
-rw-r--r--crypto/openssl/crypto/rc4/rc4speed.c253
-rw-r--r--crypto/openssl/crypto/rc4/rc4test.c236
-rw-r--r--crypto/openssl/crypto/rc4/rrc4.doc278
-rw-r--r--crypto/openssl/crypto/rc5/Makefile103
-rw-r--r--crypto/openssl/crypto/rc5/asm/rc5-586.pl109
-rw-r--r--crypto/openssl/crypto/rc5/rc5.h118
-rw-r--r--crypto/openssl/crypto/rc5/rc5_ecb.c80
-rw-r--r--crypto/openssl/crypto/rc5/rc5_enc.c215
-rw-r--r--crypto/openssl/crypto/rc5/rc5_locl.h207
-rw-r--r--crypto/openssl/crypto/rc5/rc5_skey.c113
-rw-r--r--crypto/openssl/crypto/rc5/rc5cfb64.c122
-rw-r--r--crypto/openssl/crypto/rc5/rc5ofb64.c111
-rw-r--r--crypto/openssl/crypto/rc5/rc5s.cpp70
-rw-r--r--crypto/openssl/crypto/rc5/rc5speed.c277
-rw-r--r--crypto/openssl/crypto/rc5/rc5test.c386
-rw-r--r--crypto/openssl/crypto/ripemd/Makefile99
-rw-r--r--crypto/openssl/crypto/ripemd/README15
-rw-r--r--crypto/openssl/crypto/ripemd/asm/rips.cpp82
-rw-r--r--crypto/openssl/crypto/ripemd/asm/rmd-586.pl590
-rw-r--r--crypto/openssl/crypto/ripemd/ripemd.h103
-rw-r--r--crypto/openssl/crypto/ripemd/rmd160.c127
-rw-r--r--crypto/openssl/crypto/ripemd/rmd_dgst.c494
-rw-r--r--crypto/openssl/crypto/ripemd/rmd_locl.h164
-rw-r--r--crypto/openssl/crypto/ripemd/rmd_one.c78
-rw-r--r--crypto/openssl/crypto/ripemd/rmdconst.h399
-rw-r--r--crypto/openssl/crypto/ripemd/rmdtest.c145
-rw-r--r--crypto/openssl/crypto/rsa/Makefile239
-rw-r--r--crypto/openssl/crypto/rsa/rsa.h441
-rw-r--r--crypto/openssl/crypto/rsa/rsa_asn1.c121
-rw-r--r--crypto/openssl/crypto/rsa/rsa_chk.c184
-rw-r--r--crypto/openssl/crypto/rsa/rsa_depr.c101
-rw-r--r--crypto/openssl/crypto/rsa/rsa_eay.c827
-rw-r--r--crypto/openssl/crypto/rsa/rsa_err.c174
-rw-r--r--crypto/openssl/crypto/rsa/rsa_gen.c194
-rw-r--r--crypto/openssl/crypto/rsa/rsa_lib.c464
-rw-r--r--crypto/openssl/crypto/rsa/rsa_none.c98
-rw-r--r--crypto/openssl/crypto/rsa/rsa_null.c151
-rw-r--r--crypto/openssl/crypto/rsa/rsa_oaep.c213
-rw-r--r--crypto/openssl/crypto/rsa/rsa_pk1.c224
-rw-r--r--crypto/openssl/crypto/rsa/rsa_pss.c269
-rw-r--r--crypto/openssl/crypto/rsa/rsa_saos.c150
-rw-r--r--crypto/openssl/crypto/rsa/rsa_sign.c249
-rw-r--r--crypto/openssl/crypto/rsa/rsa_ssl.c154
-rw-r--r--crypto/openssl/crypto/rsa/rsa_test.c322
-rw-r--r--crypto/openssl/crypto/rsa/rsa_x931.c177
-rw-r--r--crypto/openssl/crypto/sha/Makefile134
-rw-r--r--crypto/openssl/crypto/sha/asm/README1
-rw-r--r--crypto/openssl/crypto/sha/asm/sha1-586.pl430
-rw-r--r--crypto/openssl/crypto/sha/asm/sha1-ia64.pl549
-rwxr-xr-xcrypto/openssl/crypto/sha/asm/sha512-ia64.pl432
-rw-r--r--crypto/openssl/crypto/sha/asm/sha512-sse2.pl404
-rw-r--r--crypto/openssl/crypto/sha/sha.c124
-rw-r--r--crypto/openssl/crypto/sha/sha.h199
-rw-r--r--crypto/openssl/crypto/sha/sha1.c127
-rw-r--r--crypto/openssl/crypto/sha/sha1_one.c78
-rw-r--r--crypto/openssl/crypto/sha/sha1dgst.c74
-rw-r--r--crypto/openssl/crypto/sha/sha1s.cpp82
-rw-r--r--crypto/openssl/crypto/sha/sha1test.c178
-rw-r--r--crypto/openssl/crypto/sha/sha256.c319
-rw-r--r--crypto/openssl/crypto/sha/sha256t.c147
-rw-r--r--crypto/openssl/crypto/sha/sha512.c496
-rw-r--r--crypto/openssl/crypto/sha/sha512t.c184
-rw-r--r--crypto/openssl/crypto/sha/sha_dgst.c74
-rw-r--r--crypto/openssl/crypto/sha/sha_locl.h605
-rw-r--r--crypto/openssl/crypto/sha/sha_one.c78
-rw-r--r--crypto/openssl/crypto/sha/shatest.c178
-rw-r--r--crypto/openssl/crypto/sparccpuid.S239
-rw-r--r--crypto/openssl/crypto/stack/Makefile84
-rw-r--r--crypto/openssl/crypto/stack/safestack.h1784
-rw-r--r--crypto/openssl/crypto/stack/stack.c341
-rw-r--r--crypto/openssl/crypto/stack/stack.h109
-rw-r--r--crypto/openssl/crypto/store/Makefile112
-rw-r--r--crypto/openssl/crypto/store/README95
-rw-r--r--crypto/openssl/crypto/store/store.h554
-rw-r--r--crypto/openssl/crypto/store/str_err.c214
-rw-r--r--crypto/openssl/crypto/store/str_lib.c1824
-rw-r--r--crypto/openssl/crypto/store/str_locl.h124
-rw-r--r--crypto/openssl/crypto/store/str_mem.c357
-rw-r--r--crypto/openssl/crypto/store/str_meth.c250
-rw-r--r--crypto/openssl/crypto/symhacks.h383
-rw-r--r--crypto/openssl/crypto/threads/README14
-rw-r--r--crypto/openssl/crypto/threads/mttest.c1211
-rw-r--r--crypto/openssl/crypto/threads/profile.sh4
-rw-r--r--crypto/openssl/crypto/threads/pthread.sh9
-rwxr-xr-xcrypto/openssl/crypto/threads/pthread2.sh7
-rw-r--r--crypto/openssl/crypto/threads/purify.sh4
-rw-r--r--crypto/openssl/crypto/threads/th-lock.c387
-rw-r--r--crypto/openssl/crypto/tmdiff.c260
-rw-r--r--crypto/openssl/crypto/tmdiff.h93
-rw-r--r--crypto/openssl/crypto/txt_db/Makefile84
-rw-r--r--crypto/openssl/crypto/txt_db/txt_db.c386
-rw-r--r--crypto/openssl/crypto/txt_db/txt_db.h109
-rw-r--r--crypto/openssl/crypto/ui/Makefile111
-rw-r--r--crypto/openssl/crypto/ui/ui.h381
-rw-r--r--crypto/openssl/crypto/ui/ui_compat.c67
-rw-r--r--crypto/openssl/crypto/ui/ui_compat.h83
-rw-r--r--crypto/openssl/crypto/ui/ui_err.c115
-rw-r--r--crypto/openssl/crypto/ui/ui_lib.c904
-rw-r--r--crypto/openssl/crypto/ui/ui_locl.h153
-rw-r--r--crypto/openssl/crypto/ui/ui_openssl.c705
-rw-r--r--crypto/openssl/crypto/ui/ui_util.c91
-rw-r--r--crypto/openssl/crypto/uid.c89
-rw-r--r--crypto/openssl/crypto/x509/Makefile406
-rw-r--r--crypto/openssl/crypto/x509/by_dir.c380
-rw-r--r--crypto/openssl/crypto/x509/by_file.c300
-rw-r--r--crypto/openssl/crypto/x509/x509.h1340
-rw-r--r--crypto/openssl/crypto/x509/x509_att.c332
-rw-r--r--crypto/openssl/crypto/x509/x509_cmp.c425
-rw-r--r--crypto/openssl/crypto/x509/x509_d2.c107
-rw-r--r--crypto/openssl/crypto/x509/x509_def.c81
-rw-r--r--crypto/openssl/crypto/x509/x509_err.c164
-rw-r--r--crypto/openssl/crypto/x509/x509_ext.c210
-rw-r--r--crypto/openssl/crypto/x509/x509_lu.c567
-rw-r--r--crypto/openssl/crypto/x509/x509_obj.c226
-rw-r--r--crypto/openssl/crypto/x509/x509_r2x.c114
-rw-r--r--crypto/openssl/crypto/x509/x509_req.c319
-rw-r--r--crypto/openssl/crypto/x509/x509_set.c150
-rw-r--r--crypto/openssl/crypto/x509/x509_trs.c287
-rw-r--r--crypto/openssl/crypto/x509/x509_txt.c171
-rw-r--r--crypto/openssl/crypto/x509/x509_v3.c274
-rw-r--r--crypto/openssl/crypto/x509/x509_vfy.c1533
-rw-r--r--crypto/openssl/crypto/x509/x509_vfy.h530
-rw-r--r--crypto/openssl/crypto/x509/x509_vpm.c420
-rw-r--r--crypto/openssl/crypto/x509/x509cset.c170
-rw-r--r--crypto/openssl/crypto/x509/x509name.c383
-rw-r--r--crypto/openssl/crypto/x509/x509rset.c83
-rw-r--r--crypto/openssl/crypto/x509/x509spki.c121
-rw-r--r--crypto/openssl/crypto/x509/x509type.c121
-rw-r--r--crypto/openssl/crypto/x509/x_all.c522
-rw-r--r--crypto/openssl/crypto/x509v3/Makefile560
-rw-r--r--crypto/openssl/crypto/x509v3/ext_dat.h124
-rw-r--r--crypto/openssl/crypto/x509v3/pcy_cache.c287
-rw-r--r--crypto/openssl/crypto/x509v3/pcy_data.c123
-rw-r--r--crypto/openssl/crypto/x509v3/pcy_int.h223
-rw-r--r--crypto/openssl/crypto/x509v3/pcy_lib.c167
-rw-r--r--crypto/openssl/crypto/x509v3/pcy_map.c186
-rw-r--r--crypto/openssl/crypto/x509v3/pcy_node.c158
-rw-r--r--crypto/openssl/crypto/x509v3/pcy_tree.c682
-rw-r--r--crypto/openssl/crypto/x509v3/tabtest.c88
-rw-r--r--crypto/openssl/crypto/x509v3/v3_akey.c208
-rw-r--r--crypto/openssl/crypto/x509v3/v3_akeya.c72
-rw-r--r--crypto/openssl/crypto/x509v3/v3_alt.c581
-rw-r--r--crypto/openssl/crypto/x509v3/v3_bcons.c124
-rw-r--r--crypto/openssl/crypto/x509v3/v3_bitst.c141
-rw-r--r--crypto/openssl/crypto/x509v3/v3_conf.c524
-rw-r--r--crypto/openssl/crypto/x509v3/v3_cpols.c449
-rw-r--r--crypto/openssl/crypto/x509v3/v3_crld.c162
-rw-r--r--crypto/openssl/crypto/x509v3/v3_enum.c94
-rw-r--r--crypto/openssl/crypto/x509v3/v3_extku.c142
-rw-r--r--crypto/openssl/crypto/x509v3/v3_genn.c101
-rw-r--r--crypto/openssl/crypto/x509v3/v3_ia5.c116
-rw-r--r--crypto/openssl/crypto/x509v3/v3_info.c193
-rw-r--r--crypto/openssl/crypto/x509v3/v3_int.c89
-rw-r--r--crypto/openssl/crypto/x509v3/v3_lib.c303
-rw-r--r--crypto/openssl/crypto/x509v3/v3_ncons.c220
-rw-r--r--crypto/openssl/crypto/x509v3/v3_ocsp.c275
-rw-r--r--crypto/openssl/crypto/x509v3/v3_pci.c313
-rw-r--r--crypto/openssl/crypto/x509v3/v3_pcia.c55
-rw-r--r--crypto/openssl/crypto/x509v3/v3_pcons.c136
-rw-r--r--crypto/openssl/crypto/x509v3/v3_pku.c108
-rw-r--r--crypto/openssl/crypto/x509v3/v3_pmaps.c153
-rw-r--r--crypto/openssl/crypto/x509v3/v3_prn.c234
-rw-r--r--crypto/openssl/crypto/x509v3/v3_purp.c651
-rw-r--r--crypto/openssl/crypto/x509v3/v3_skey.c144
-rw-r--r--crypto/openssl/crypto/x509v3/v3_sxnet.c262
-rw-r--r--crypto/openssl/crypto/x509v3/v3_utl.c845
-rw-r--r--crypto/openssl/crypto/x509v3/v3conf.c127
-rw-r--r--crypto/openssl/crypto/x509v3/v3err.c212
-rw-r--r--crypto/openssl/crypto/x509v3/v3prin.c99
-rw-r--r--crypto/openssl/crypto/x509v3/x509v3.h759
-rw-r--r--crypto/openssl/crypto/x86_64cpuid.pl138
-rw-r--r--crypto/openssl/crypto/x86cpuid.pl197
-rw-r--r--crypto/openssl/demos/README9
-rw-r--r--crypto/openssl/demos/asn1/README.ASN17
-rw-r--r--crypto/openssl/demos/asn1/ocsp.c366
-rw-r--r--crypto/openssl/demos/b64.c268
-rw-r--r--crypto/openssl/demos/b64.pl20
-rw-r--r--crypto/openssl/demos/bio/Makefile16
-rw-r--r--crypto/openssl/demos/bio/README3
-rw-r--r--crypto/openssl/demos/bio/saccept.c112
-rw-r--r--crypto/openssl/demos/bio/sconnect.c121
-rw-r--r--crypto/openssl/demos/bio/server.pem30
-rw-r--r--crypto/openssl/demos/easy_tls/Makefile123
-rw-r--r--crypto/openssl/demos/easy_tls/README65
-rw-r--r--crypto/openssl/demos/easy_tls/cacerts.pem18
-rw-r--r--crypto/openssl/demos/easy_tls/cert.pem31
-rw-r--r--crypto/openssl/demos/easy_tls/easy-tls.c1240
-rw-r--r--crypto/openssl/demos/easy_tls/easy-tls.h57
-rw-r--r--crypto/openssl/demos/easy_tls/test.c244
-rw-r--r--crypto/openssl/demos/easy_tls/test.h11
-rw-r--r--crypto/openssl/demos/eay/Makefile24
-rw-r--r--crypto/openssl/demos/eay/base64.c49
-rw-r--r--crypto/openssl/demos/eay/conn.c105
-rw-r--r--crypto/openssl/demos/eay/loadrsa.c53
-rw-r--r--crypto/openssl/demos/engines/cluster_labs/Makefile114
-rw-r--r--crypto/openssl/demos/engines/cluster_labs/cluster_labs.h35
-rw-r--r--crypto/openssl/demos/engines/cluster_labs/hw_cluster_labs.c721
-rw-r--r--crypto/openssl/demos/engines/cluster_labs/hw_cluster_labs.ec8
-rw-r--r--crypto/openssl/demos/engines/cluster_labs/hw_cluster_labs_err.c151
-rw-r--r--crypto/openssl/demos/engines/cluster_labs/hw_cluster_labs_err.h95
-rw-r--r--crypto/openssl/demos/engines/ibmca/Makefile114
-rw-r--r--crypto/openssl/demos/engines/ibmca/hw_ibmca.c920
-rw-r--r--crypto/openssl/demos/engines/ibmca/hw_ibmca.ec8
-rw-r--r--crypto/openssl/demos/engines/ibmca/hw_ibmca_err.c154
-rw-r--r--crypto/openssl/demos/engines/ibmca/hw_ibmca_err.h98
-rw-r--r--crypto/openssl/demos/engines/ibmca/ica_openssl_api.h189
-rw-r--r--crypto/openssl/demos/engines/zencod/Makefile114
-rw-r--r--crypto/openssl/demos/engines/zencod/hw_zencod.c1739
-rw-r--r--crypto/openssl/demos/engines/zencod/hw_zencod.ec8
-rw-r--r--crypto/openssl/demos/engines/zencod/hw_zencod.h160
-rw-r--r--crypto/openssl/demos/engines/zencod/hw_zencod_err.c151
-rw-r--r--crypto/openssl/demos/engines/zencod/hw_zencod_err.h95
-rw-r--r--crypto/openssl/demos/maurice/Makefile59
-rw-r--r--crypto/openssl/demos/maurice/README34
-rw-r--r--crypto/openssl/demos/maurice/cert.pem77
-rw-r--r--crypto/openssl/demos/maurice/example1.c198
-rw-r--r--crypto/openssl/demos/maurice/example2.c75
-rw-r--r--crypto/openssl/demos/maurice/example3.c87
-rw-r--r--crypto/openssl/demos/maurice/example4.c123
-rw-r--r--crypto/openssl/demos/maurice/loadkeys.c72
-rw-r--r--crypto/openssl/demos/maurice/loadkeys.h19
-rw-r--r--crypto/openssl/demos/maurice/privkey.pem27
-rw-r--r--crypto/openssl/demos/pkcs12/README3
-rw-r--r--crypto/openssl/demos/pkcs12/pkread.c61
-rw-r--r--crypto/openssl/demos/pkcs12/pkwrite.c46
-rw-r--r--crypto/openssl/demos/prime/Makefile20
-rw-r--r--crypto/openssl/demos/prime/prime.c101
-rw-r--r--crypto/openssl/demos/privkey.pem9
-rw-r--r--crypto/openssl/demos/selfsign.c180
-rw-r--r--crypto/openssl/demos/sign/Makefile15
-rw-r--r--crypto/openssl/demos/sign/cert.pem14
-rw-r--r--crypto/openssl/demos/sign/key.pem9
-rw-r--r--crypto/openssl/demos/sign/sig.txt158
-rw-r--r--crypto/openssl/demos/sign/sign.c153
-rw-r--r--crypto/openssl/demos/sign/sign.txt170
-rw-r--r--crypto/openssl/demos/spkigen.c161
-rw-r--r--crypto/openssl/demos/ssl/cli.cpp110
-rw-r--r--crypto/openssl/demos/ssl/inetdsrv.cpp98
-rw-r--r--crypto/openssl/demos/ssl/serv.cpp152
-rwxr-xr-xcrypto/openssl/demos/ssltest-ecc/ECC-RSAcertgen.sh98
-rwxr-xr-xcrypto/openssl/demos/ssltest-ecc/ECCcertgen.sh164
-rw-r--r--crypto/openssl/demos/ssltest-ecc/README15
-rwxr-xr-xcrypto/openssl/demos/ssltest-ecc/RSAcertgen.sh121
-rwxr-xr-xcrypto/openssl/demos/ssltest-ecc/ssltest.sh188
-rw-r--r--crypto/openssl/demos/state_machine/Makefile9
-rw-r--r--crypto/openssl/demos/state_machine/state_machine.c416
-rw-r--r--crypto/openssl/demos/tunala/A-client.pem84
-rw-r--r--crypto/openssl/demos/tunala/A-server.pem84
-rw-r--r--crypto/openssl/demos/tunala/CA.pem24
-rw-r--r--crypto/openssl/demos/tunala/INSTALL107
-rw-r--r--crypto/openssl/demos/tunala/Makefile41
-rw-r--r--crypto/openssl/demos/tunala/Makefile.am7
-rw-r--r--crypto/openssl/demos/tunala/README233
-rwxr-xr-xcrypto/openssl/demos/tunala/autogunk.sh25
-rwxr-xr-xcrypto/openssl/demos/tunala/autoungunk.sh18
-rw-r--r--crypto/openssl/demos/tunala/breakage.c66
-rw-r--r--crypto/openssl/demos/tunala/buffer.c205
-rw-r--r--crypto/openssl/demos/tunala/cb.c143
-rw-r--r--crypto/openssl/demos/tunala/configure.in29
-rw-r--r--crypto/openssl/demos/tunala/ip.c146
-rw-r--r--crypto/openssl/demos/tunala/sm.c151
-rwxr-xr-xcrypto/openssl/demos/tunala/test.sh107
-rw-r--r--crypto/openssl/demos/tunala/tunala.c1107
-rw-r--r--crypto/openssl/demos/tunala/tunala.h215
-rw-r--r--crypto/openssl/demos/x509/README3
-rw-r--r--crypto/openssl/demos/x509/mkcert.c172
-rw-r--r--crypto/openssl/demos/x509/mkreq.c161
-rw-r--r--crypto/openssl/doc/HOWTO/certificates.txt105
-rw-r--r--crypto/openssl/doc/HOWTO/keys.txt73
-rw-r--r--crypto/openssl/doc/HOWTO/proxy_certificates.txt322
-rw-r--r--crypto/openssl/doc/README12
-rw-r--r--crypto/openssl/doc/apps/CA.pl.pod179
-rw-r--r--crypto/openssl/doc/apps/asn1parse.pod171
-rw-r--r--crypto/openssl/doc/apps/ca.pod671
-rw-r--r--crypto/openssl/doc/apps/ciphers.pod416
-rw-r--r--crypto/openssl/doc/apps/config.pod279
-rw-r--r--crypto/openssl/doc/apps/crl.pod117
-rw-r--r--crypto/openssl/doc/apps/crl2pkcs7.pod91
-rw-r--r--crypto/openssl/doc/apps/dgst.pod110
-rw-r--r--crypto/openssl/doc/apps/dhparam.pod141
-rw-r--r--crypto/openssl/doc/apps/dsa.pod158
-rw-r--r--crypto/openssl/doc/apps/dsaparam.pod110
-rw-r--r--crypto/openssl/doc/apps/ec.pod190
-rw-r--r--crypto/openssl/doc/apps/ecparam.pod179
-rw-r--r--crypto/openssl/doc/apps/enc.pod271
-rw-r--r--crypto/openssl/doc/apps/errstr.pod39
-rw-r--r--crypto/openssl/doc/apps/gendsa.pod66
-rw-r--r--crypto/openssl/doc/apps/genrsa.pod96
-rw-r--r--crypto/openssl/doc/apps/nseq.pod70
-rw-r--r--crypto/openssl/doc/apps/ocsp.pod365
-rw-r--r--crypto/openssl/doc/apps/openssl.pod345
-rw-r--r--crypto/openssl/doc/apps/passwd.pod82
-rw-r--r--crypto/openssl/doc/apps/pkcs12.pod330
-rw-r--r--crypto/openssl/doc/apps/pkcs7.pod105
-rw-r--r--crypto/openssl/doc/apps/pkcs8.pod243
-rw-r--r--crypto/openssl/doc/apps/rand.pod50
-rw-r--r--crypto/openssl/doc/apps/req.pod611
-rw-r--r--crypto/openssl/doc/apps/rsa.pod189
-rw-r--r--crypto/openssl/doc/apps/rsautl.pod183
-rw-r--r--crypto/openssl/doc/apps/s_client.pod266
-rw-r--r--crypto/openssl/doc/apps/s_server.pod327
-rw-r--r--crypto/openssl/doc/apps/s_time.pod173
-rw-r--r--crypto/openssl/doc/apps/sess_id.pod151
-rw-r--r--crypto/openssl/doc/apps/smime.pod385
-rw-r--r--crypto/openssl/doc/apps/speed.pod59
-rw-r--r--crypto/openssl/doc/apps/spkac.pod133
-rw-r--r--crypto/openssl/doc/apps/verify.pod328
-rw-r--r--crypto/openssl/doc/apps/version.pod64
-rw-r--r--crypto/openssl/doc/apps/x509.pod832
-rw-r--r--crypto/openssl/doc/apps/x509v3_config.pod456
-rw-r--r--crypto/openssl/doc/c-indentation.el44
-rw-r--r--crypto/openssl/doc/crypto/ASN1_OBJECT_new.pod43
-rw-r--r--crypto/openssl/doc/crypto/ASN1_STRING_length.pod81
-rw-r--r--crypto/openssl/doc/crypto/ASN1_STRING_new.pod44
-rw-r--r--crypto/openssl/doc/crypto/ASN1_STRING_print_ex.pod96
-rw-r--r--crypto/openssl/doc/crypto/ASN1_generate_nconf.pod253
-rw-r--r--crypto/openssl/doc/crypto/BIO_ctrl.pod128
-rw-r--r--crypto/openssl/doc/crypto/BIO_f_base64.pod81
-rw-r--r--crypto/openssl/doc/crypto/BIO_f_buffer.pod69
-rw-r--r--crypto/openssl/doc/crypto/BIO_f_cipher.pod76
-rw-r--r--crypto/openssl/doc/crypto/BIO_f_md.pod138
-rw-r--r--crypto/openssl/doc/crypto/BIO_f_null.pod32
-rw-r--r--crypto/openssl/doc/crypto/BIO_f_ssl.pod313
-rw-r--r--crypto/openssl/doc/crypto/BIO_find_type.pod98
-rw-r--r--crypto/openssl/doc/crypto/BIO_new.pod65
-rw-r--r--crypto/openssl/doc/crypto/BIO_push.pod69
-rw-r--r--crypto/openssl/doc/crypto/BIO_read.pod66
-rw-r--r--crypto/openssl/doc/crypto/BIO_s_accept.pod195
-rw-r--r--crypto/openssl/doc/crypto/BIO_s_bio.pod182
-rw-r--r--crypto/openssl/doc/crypto/BIO_s_connect.pod192
-rw-r--r--crypto/openssl/doc/crypto/BIO_s_fd.pod89
-rw-r--r--crypto/openssl/doc/crypto/BIO_s_file.pod144
-rw-r--r--crypto/openssl/doc/crypto/BIO_s_mem.pod115
-rw-r--r--crypto/openssl/doc/crypto/BIO_s_null.pod37
-rw-r--r--crypto/openssl/doc/crypto/BIO_s_socket.pod63
-rw-r--r--crypto/openssl/doc/crypto/BIO_set_callback.pod108
-rw-r--r--crypto/openssl/doc/crypto/BIO_should_retry.pod114
-rw-r--r--crypto/openssl/doc/crypto/BN_BLINDING_new.pod109
-rw-r--r--crypto/openssl/doc/crypto/BN_CTX_new.pod53
-rw-r--r--crypto/openssl/doc/crypto/BN_CTX_start.pod52
-rw-r--r--crypto/openssl/doc/crypto/BN_add.pod126
-rw-r--r--crypto/openssl/doc/crypto/BN_add_word.pod61
-rw-r--r--crypto/openssl/doc/crypto/BN_bn2bin.pod95
-rw-r--r--crypto/openssl/doc/crypto/BN_cmp.pod48
-rw-r--r--crypto/openssl/doc/crypto/BN_copy.pod34
-rw-r--r--crypto/openssl/doc/crypto/BN_generate_prime.pod102
-rw-r--r--crypto/openssl/doc/crypto/BN_mod_inverse.pod36
-rw-r--r--crypto/openssl/doc/crypto/BN_mod_mul_montgomery.pod101
-rw-r--r--crypto/openssl/doc/crypto/BN_mod_mul_reciprocal.pod81
-rw-r--r--crypto/openssl/doc/crypto/BN_new.pod53
-rw-r--r--crypto/openssl/doc/crypto/BN_num_bytes.pod57
-rw-r--r--crypto/openssl/doc/crypto/BN_rand.pod58
-rw-r--r--crypto/openssl/doc/crypto/BN_set_bit.pod66
-rw-r--r--crypto/openssl/doc/crypto/BN_swap.pod23
-rw-r--r--crypto/openssl/doc/crypto/BN_zero.pod59
-rw-r--r--crypto/openssl/doc/crypto/CONF_modules_free.pod47
-rw-r--r--crypto/openssl/doc/crypto/CONF_modules_load_file.pod60
-rw-r--r--crypto/openssl/doc/crypto/CRYPTO_set_ex_data.pod51
-rw-r--r--crypto/openssl/doc/crypto/DH_generate_key.pod50
-rw-r--r--crypto/openssl/doc/crypto/DH_generate_parameters.pod73
-rw-r--r--crypto/openssl/doc/crypto/DH_get_ex_new_index.pod36
-rw-r--r--crypto/openssl/doc/crypto/DH_new.pod40
-rw-r--r--crypto/openssl/doc/crypto/DH_set_method.pod129
-rw-r--r--crypto/openssl/doc/crypto/DH_size.pod33
-rw-r--r--crypto/openssl/doc/crypto/DSA_SIG_new.pod40
-rw-r--r--crypto/openssl/doc/crypto/DSA_do_sign.pod47
-rw-r--r--crypto/openssl/doc/crypto/DSA_dup_DH.pod36
-rw-r--r--crypto/openssl/doc/crypto/DSA_generate_key.pod34
-rw-r--r--crypto/openssl/doc/crypto/DSA_generate_parameters.pod105
-rw-r--r--crypto/openssl/doc/crypto/DSA_get_ex_new_index.pod36
-rw-r--r--crypto/openssl/doc/crypto/DSA_new.pod42
-rw-r--r--crypto/openssl/doc/crypto/DSA_set_method.pod143
-rw-r--r--crypto/openssl/doc/crypto/DSA_sign.pod66
-rw-r--r--crypto/openssl/doc/crypto/DSA_size.pod33
-rw-r--r--crypto/openssl/doc/crypto/ERR_GET_LIB.pod51
-rw-r--r--crypto/openssl/doc/crypto/ERR_clear_error.pod29
-rw-r--r--crypto/openssl/doc/crypto/ERR_error_string.pod73
-rw-r--r--crypto/openssl/doc/crypto/ERR_get_error.pod76
-rw-r--r--crypto/openssl/doc/crypto/ERR_load_crypto_strings.pod46
-rw-r--r--crypto/openssl/doc/crypto/ERR_load_strings.pod54
-rw-r--r--crypto/openssl/doc/crypto/ERR_print_errors.pod51
-rw-r--r--crypto/openssl/doc/crypto/ERR_put_error.pod44
-rw-r--r--crypto/openssl/doc/crypto/ERR_remove_state.pod34
-rw-r--r--crypto/openssl/doc/crypto/ERR_set_mark.pod38
-rw-r--r--crypto/openssl/doc/crypto/EVP_BytesToKey.pod67
-rw-r--r--crypto/openssl/doc/crypto/EVP_DigestInit.pod256
-rw-r--r--crypto/openssl/doc/crypto/EVP_EncryptInit.pod511
-rw-r--r--crypto/openssl/doc/crypto/EVP_OpenInit.pod63
-rw-r--r--crypto/openssl/doc/crypto/EVP_PKEY_new.pod47
-rw-r--r--crypto/openssl/doc/crypto/EVP_PKEY_set1_RSA.pod80
-rw-r--r--crypto/openssl/doc/crypto/EVP_SealInit.pod85
-rw-r--r--crypto/openssl/doc/crypto/EVP_SignInit.pod95
-rw-r--r--crypto/openssl/doc/crypto/EVP_VerifyInit.pod86
-rw-r--r--crypto/openssl/doc/crypto/OBJ_nid2obj.pod149
-rw-r--r--crypto/openssl/doc/crypto/OPENSSL_Applink.pod21
-rw-r--r--crypto/openssl/doc/crypto/OPENSSL_VERSION_NUMBER.pod101
-rw-r--r--crypto/openssl/doc/crypto/OPENSSL_config.pod82
-rw-r--r--crypto/openssl/doc/crypto/OPENSSL_ia32cap.pod35
-rw-r--r--crypto/openssl/doc/crypto/OPENSSL_load_builtin_modules.pod51
-rw-r--r--crypto/openssl/doc/crypto/OpenSSL_add_all_algorithms.pod66
-rw-r--r--crypto/openssl/doc/crypto/PKCS12_create.pod75
-rw-r--r--crypto/openssl/doc/crypto/PKCS12_parse.pod50
-rw-r--r--crypto/openssl/doc/crypto/PKCS7_decrypt.pod53
-rw-r--r--crypto/openssl/doc/crypto/PKCS7_encrypt.pod65
-rw-r--r--crypto/openssl/doc/crypto/PKCS7_sign.pod101
-rw-r--r--crypto/openssl/doc/crypto/PKCS7_verify.pod116
-rw-r--r--crypto/openssl/doc/crypto/RAND_add.pod77
-rw-r--r--crypto/openssl/doc/crypto/RAND_bytes.pod47
-rw-r--r--crypto/openssl/doc/crypto/RAND_cleanup.pod29
-rw-r--r--crypto/openssl/doc/crypto/RAND_egd.pod85
-rw-r--r--crypto/openssl/doc/crypto/RAND_load_file.pod53
-rw-r--r--crypto/openssl/doc/crypto/RAND_set_rand_method.pod83
-rw-r--r--crypto/openssl/doc/crypto/RSA_blinding_on.pod43
-rw-r--r--crypto/openssl/doc/crypto/RSA_check_key.pod67
-rw-r--r--crypto/openssl/doc/crypto/RSA_generate_key.pod69
-rw-r--r--crypto/openssl/doc/crypto/RSA_get_ex_new_index.pod120
-rw-r--r--crypto/openssl/doc/crypto/RSA_new.pod41
-rw-r--r--crypto/openssl/doc/crypto/RSA_padding_add_PKCS1_type_1.pod124
-rw-r--r--crypto/openssl/doc/crypto/RSA_print.pod49
-rw-r--r--crypto/openssl/doc/crypto/RSA_private_encrypt.pod70
-rw-r--r--crypto/openssl/doc/crypto/RSA_public_encrypt.pod84
-rw-r--r--crypto/openssl/doc/crypto/RSA_set_method.pod202
-rw-r--r--crypto/openssl/doc/crypto/RSA_sign.pod62
-rw-r--r--crypto/openssl/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod59
-rw-r--r--crypto/openssl/doc/crypto/RSA_size.pod33
-rw-r--r--crypto/openssl/doc/crypto/SMIME_read_PKCS7.pod71
-rw-r--r--crypto/openssl/doc/crypto/SMIME_write_PKCS7.pod61
-rw-r--r--crypto/openssl/doc/crypto/X509_NAME_ENTRY_get_object.pod72
-rw-r--r--crypto/openssl/doc/crypto/X509_NAME_add_entry_by_txt.pod114
-rw-r--r--crypto/openssl/doc/crypto/X509_NAME_get_index_by_NID.pod106
-rw-r--r--crypto/openssl/doc/crypto/X509_NAME_print_ex.pod105
-rw-r--r--crypto/openssl/doc/crypto/X509_new.pod37
-rw-r--r--crypto/openssl/doc/crypto/bio.pod54
-rw-r--r--crypto/openssl/doc/crypto/blowfish.pod112
-rw-r--r--crypto/openssl/doc/crypto/bn.pod181
-rw-r--r--crypto/openssl/doc/crypto/bn_internal.pod226
-rw-r--r--crypto/openssl/doc/crypto/buffer.pod73
-rw-r--r--crypto/openssl/doc/crypto/crypto.pod85
-rw-r--r--crypto/openssl/doc/crypto/d2i_ASN1_OBJECT.pod29
-rw-r--r--crypto/openssl/doc/crypto/d2i_DHparams.pod30
-rw-r--r--crypto/openssl/doc/crypto/d2i_DSAPublicKey.pod83
-rw-r--r--crypto/openssl/doc/crypto/d2i_PKCS8PrivateKey.pod56
-rw-r--r--crypto/openssl/doc/crypto/d2i_RSAPublicKey.pod67
-rw-r--r--crypto/openssl/doc/crypto/d2i_X509.pod231
-rw-r--r--crypto/openssl/doc/crypto/d2i_X509_ALGOR.pod30
-rw-r--r--crypto/openssl/doc/crypto/d2i_X509_CRL.pod37
-rw-r--r--crypto/openssl/doc/crypto/d2i_X509_NAME.pod31
-rw-r--r--crypto/openssl/doc/crypto/d2i_X509_REQ.pod36
-rw-r--r--crypto/openssl/doc/crypto/d2i_X509_SIG.pod30
-rw-r--r--crypto/openssl/doc/crypto/des.pod358
-rw-r--r--crypto/openssl/doc/crypto/des_modes.pod255
-rw-r--r--crypto/openssl/doc/crypto/dh.pod78
-rw-r--r--crypto/openssl/doc/crypto/dsa.pod114
-rw-r--r--crypto/openssl/doc/crypto/ecdsa.pod210
-rw-r--r--crypto/openssl/doc/crypto/engine.pod599
-rw-r--r--crypto/openssl/doc/crypto/err.pod187
-rw-r--r--crypto/openssl/doc/crypto/evp.pod45
-rw-r--r--crypto/openssl/doc/crypto/hmac.pod102
-rw-r--r--crypto/openssl/doc/crypto/lh_stats.pod60
-rw-r--r--crypto/openssl/doc/crypto/lhash.pod294
-rw-r--r--crypto/openssl/doc/crypto/md5.pod101
-rw-r--r--crypto/openssl/doc/crypto/mdc2.pod64
-rw-r--r--crypto/openssl/doc/crypto/pem.pod476
-rw-r--r--crypto/openssl/doc/crypto/rand.pod175
-rw-r--r--crypto/openssl/doc/crypto/rc4.pod62
-rw-r--r--crypto/openssl/doc/crypto/ripemd.pod66
-rw-r--r--crypto/openssl/doc/crypto/rsa.pod123
-rw-r--r--crypto/openssl/doc/crypto/sha.pod70
-rw-r--r--crypto/openssl/doc/crypto/threads.pod175
-rw-r--r--crypto/openssl/doc/crypto/ui.pod194
-rw-r--r--crypto/openssl/doc/crypto/ui_compat.pod55
-rw-r--r--crypto/openssl/doc/crypto/x509.pod64
-rw-r--r--crypto/openssl/doc/fingerprints.txt57
-rw-r--r--crypto/openssl/doc/openssl-shared.txt32
-rw-r--r--crypto/openssl/doc/openssl.txt1254
-rw-r--r--crypto/openssl/doc/openssl_button.gifbin2063 -> 0 bytes
-rw-r--r--crypto/openssl/doc/openssl_button.html7
-rw-r--r--crypto/openssl/doc/ssl/SSL_CIPHER_get_name.pod112
-rw-r--r--crypto/openssl/doc/ssl/SSL_COMP_add_compression_method.pod70
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_add_extra_chain_cert.pod39
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_add_session.pod73
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_ctrl.pod34
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_flush_sessions.pod49
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_free.pod41
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_get_ex_new_index.pod53
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_get_verify_mode.pod50
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_load_verify_locations.pod124
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_new.pod94
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_sess_number.pod76
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_sess_set_cache_size.pod51
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_sess_set_get_cb.pod87
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_sessions.pod34
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_set_cert_store.pod57
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_set_cert_verify_callback.pod75
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_set_cipher_list.pod70
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_set_client_CA_list.pod94
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_set_client_cert_cb.pod94
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_set_default_passwd_cb.pod76
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_set_generate_session_id.pod150
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_set_info_callback.pod153
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_set_max_cert_list.pod77
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_set_mode.pod81
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_set_msg_callback.pod99
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_set_options.pod235
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_set_quiet_shutdown.pod63
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_set_session_cache_mode.pod137
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_set_session_id_context.pod83
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_set_ssl_version.pod61
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_set_timeout.pod59
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod170
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod166
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_set_verify.pod294
-rw-r--r--crypto/openssl/doc/ssl/SSL_CTX_use_certificate.pod169
-rw-r--r--crypto/openssl/doc/ssl/SSL_SESSION_free.pod55
-rw-r--r--crypto/openssl/doc/ssl/SSL_SESSION_get_ex_new_index.pod61
-rw-r--r--crypto/openssl/doc/ssl/SSL_SESSION_get_time.pod64
-rw-r--r--crypto/openssl/doc/ssl/SSL_accept.pod76
-rw-r--r--crypto/openssl/doc/ssl/SSL_alert_type_string.pod228
-rw-r--r--crypto/openssl/doc/ssl/SSL_clear.pod69
-rw-r--r--crypto/openssl/doc/ssl/SSL_connect.pod73
-rw-r--r--crypto/openssl/doc/ssl/SSL_do_handshake.pod75
-rw-r--r--crypto/openssl/doc/ssl/SSL_free.pod44
-rw-r--r--crypto/openssl/doc/ssl/SSL_get_SSL_CTX.pod26
-rw-r--r--crypto/openssl/doc/ssl/SSL_get_ciphers.pod42
-rw-r--r--crypto/openssl/doc/ssl/SSL_get_client_CA_list.pod53
-rw-r--r--crypto/openssl/doc/ssl/SSL_get_current_cipher.pod43
-rw-r--r--crypto/openssl/doc/ssl/SSL_get_default_timeout.pod41
-rw-r--r--crypto/openssl/doc/ssl/SSL_get_error.pod114
-rw-r--r--crypto/openssl/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod61
-rw-r--r--crypto/openssl/doc/ssl/SSL_get_ex_new_index.pod59
-rw-r--r--crypto/openssl/doc/ssl/SSL_get_fd.pod44
-rw-r--r--crypto/openssl/doc/ssl/SSL_get_peer_cert_chain.pod52
-rw-r--r--crypto/openssl/doc/ssl/SSL_get_peer_certificate.pod55
-rw-r--r--crypto/openssl/doc/ssl/SSL_get_rbio.pod40
-rw-r--r--crypto/openssl/doc/ssl/SSL_get_session.pod73
-rw-r--r--crypto/openssl/doc/ssl/SSL_get_verify_result.pod57
-rw-r--r--crypto/openssl/doc/ssl/SSL_get_version.pod46
-rw-r--r--crypto/openssl/doc/ssl/SSL_library_init.pod52
-rw-r--r--crypto/openssl/doc/ssl/SSL_load_client_CA_file.pod62
-rw-r--r--crypto/openssl/doc/ssl/SSL_new.pod44
-rw-r--r--crypto/openssl/doc/ssl/SSL_pending.pod43
-rw-r--r--crypto/openssl/doc/ssl/SSL_read.pod118
-rw-r--r--crypto/openssl/doc/ssl/SSL_rstate_string.pod59
-rw-r--r--crypto/openssl/doc/ssl/SSL_session_reused.pod45
-rw-r--r--crypto/openssl/doc/ssl/SSL_set_bio.pod34
-rw-r--r--crypto/openssl/doc/ssl/SSL_set_connect_state.pod55
-rw-r--r--crypto/openssl/doc/ssl/SSL_set_fd.pod54
-rw-r--r--crypto/openssl/doc/ssl/SSL_set_session.pod57
-rw-r--r--crypto/openssl/doc/ssl/SSL_set_shutdown.pod72
-rw-r--r--crypto/openssl/doc/ssl/SSL_set_verify_result.pod38
-rw-r--r--crypto/openssl/doc/ssl/SSL_shutdown.pod125
-rw-r--r--crypto/openssl/doc/ssl/SSL_state_string.pod45
-rw-r--r--crypto/openssl/doc/ssl/SSL_want.pod77
-rw-r--r--crypto/openssl/doc/ssl/SSL_write.pod109
-rw-r--r--crypto/openssl/doc/ssl/d2i_SSL_SESSION.pod66
-rw-r--r--crypto/openssl/doc/ssl/ssl.pod736
-rw-r--r--crypto/openssl/doc/ssleay.txt7030
-rw-r--r--crypto/openssl/doc/standards.txt272
-rw-r--r--crypto/openssl/e_os.h665
-rw-r--r--crypto/openssl/e_os2.h279
-rw-r--r--crypto/openssl/engines/Makefile249
-rw-r--r--crypto/openssl/engines/axp.opt1
-rw-r--r--crypto/openssl/engines/e_4758cca.c994
-rw-r--r--crypto/openssl/engines/e_4758cca.ec1
-rw-r--r--crypto/openssl/engines/e_4758cca_err.c153
-rw-r--r--crypto/openssl/engines/e_4758cca_err.h93
-rw-r--r--crypto/openssl/engines/e_aep.c1137
-rw-r--r--crypto/openssl/engines/e_aep.ec1
-rw-r--r--crypto/openssl/engines/e_aep_err.c161
-rw-r--r--crypto/openssl/engines/e_aep_err.h101
-rw-r--r--crypto/openssl/engines/e_atalla.c607
-rw-r--r--crypto/openssl/engines/e_atalla.ec1
-rw-r--r--crypto/openssl/engines/e_atalla_err.c149
-rw-r--r--crypto/openssl/engines/e_atalla_err.h89
-rw-r--r--crypto/openssl/engines/e_chil.c1374
-rw-r--r--crypto/openssl/engines/e_chil.ec1
-rw-r--r--crypto/openssl/engines/e_chil_err.c161
-rw-r--r--crypto/openssl/engines/e_chil_err.h101
-rw-r--r--crypto/openssl/engines/e_cswift.c1131
-rw-r--r--crypto/openssl/engines/e_cswift.ec1
-rw-r--r--crypto/openssl/engines/e_cswift_err.c154
-rw-r--r--crypto/openssl/engines/e_cswift_err.h94
-rw-r--r--crypto/openssl/engines/e_gmp.c435
-rw-r--r--crypto/openssl/engines/e_gmp.ec1
-rw-r--r--crypto/openssl/engines/e_gmp_err.c141
-rw-r--r--crypto/openssl/engines/e_gmp_err.h81
-rw-r--r--crypto/openssl/engines/e_nuron.c434
-rw-r--r--crypto/openssl/engines/e_nuron.ec1
-rw-r--r--crypto/openssl/engines/e_nuron_err.c146
-rw-r--r--crypto/openssl/engines/e_nuron_err.h86
-rw-r--r--crypto/openssl/engines/e_sureware.c1057
-rw-r--r--crypto/openssl/engines/e_sureware.ec1
-rw-r--r--crypto/openssl/engines/e_sureware_err.c158
-rw-r--r--crypto/openssl/engines/e_sureware_err.h98
-rw-r--r--crypto/openssl/engines/e_ubsec.c1070
-rw-r--r--crypto/openssl/engines/e_ubsec.ec1
-rw-r--r--crypto/openssl/engines/e_ubsec_err.c157
-rw-r--r--crypto/openssl/engines/e_ubsec_err.h97
-rw-r--r--crypto/openssl/engines/engine_vector.mar24
-rw-r--r--crypto/openssl/engines/vax.opt9
-rw-r--r--crypto/openssl/engines/vendor_defns/aep.h178
-rw-r--r--crypto/openssl/engines/vendor_defns/atalla.h48
-rw-r--r--crypto/openssl/engines/vendor_defns/cswift.h234
-rw-r--r--crypto/openssl/engines/vendor_defns/hw_4758_cca.h149
-rw-r--r--crypto/openssl/engines/vendor_defns/hw_ubsec.h100
-rw-r--r--crypto/openssl/engines/vendor_defns/hwcryptohook.h486
-rw-r--r--crypto/openssl/engines/vendor_defns/sureware.h239
-rw-r--r--crypto/openssl/openssl.doxy7
-rw-r--r--crypto/openssl/openssl.spec209
-rw-r--r--crypto/openssl/shlib/README1
-rw-r--r--crypto/openssl/ssl/Makefile970
-rw-r--r--crypto/openssl/ssl/bio_ssl.c598
-rw-r--r--crypto/openssl/ssl/d1_both.c1263
-rw-r--r--crypto/openssl/ssl/d1_clnt.c1143
-rw-r--r--crypto/openssl/ssl/d1_enc.c281
-rw-r--r--crypto/openssl/ssl/d1_lib.c190
-rw-r--r--crypto/openssl/ssl/d1_meth.c77
-rw-r--r--crypto/openssl/ssl/d1_pkt.c1776
-rw-r--r--crypto/openssl/ssl/d1_srvr.c1130
-rw-r--r--crypto/openssl/ssl/dtls1.h212
-rw-r--r--crypto/openssl/ssl/kssl.c2184
-rw-r--r--crypto/openssl/ssl/kssl.h179
-rw-r--r--crypto/openssl/ssl/kssl_lcl.h87
-rw-r--r--crypto/openssl/ssl/s23_clnt.c582
-rw-r--r--crypto/openssl/ssl/s23_lib.c198
-rw-r--r--crypto/openssl/ssl/s23_meth.c88
-rw-r--r--crypto/openssl/ssl/s23_pkt.c117
-rw-r--r--crypto/openssl/ssl/s23_srvr.c573
-rw-r--r--crypto/openssl/ssl/s2_clnt.c1123
-rw-r--r--crypto/openssl/ssl/s2_enc.c191
-rw-r--r--crypto/openssl/ssl/s2_lib.c478
-rw-r--r--crypto/openssl/ssl/s2_meth.c84
-rw-r--r--crypto/openssl/ssl/s2_pkt.c737
-rw-r--r--crypto/openssl/ssl/s2_srvr.c1143
-rw-r--r--crypto/openssl/ssl/s3_both.c622
-rw-r--r--crypto/openssl/ssl/s3_clnt.c2456
-rw-r--r--crypto/openssl/ssl/s3_enc.c715
-rw-r--r--crypto/openssl/ssl/s3_lib.c2406
-rw-r--r--crypto/openssl/ssl/s3_meth.c77
-rw-r--r--crypto/openssl/ssl/s3_pkt.c1315
-rw-r--r--crypto/openssl/ssl/s3_srvr.c2597
-rw-r--r--crypto/openssl/ssl/ssl.h1960
-rw-r--r--crypto/openssl/ssl/ssl2.h268
-rw-r--r--crypto/openssl/ssl/ssl23.h83
-rw-r--r--crypto/openssl/ssl/ssl3.h555
-rw-r--r--crypto/openssl/ssl/ssl_algs.c131
-rw-r--r--crypto/openssl/ssl/ssl_asn1.c398
-rw-r--r--crypto/openssl/ssl/ssl_cert.c829
-rw-r--r--crypto/openssl/ssl/ssl_ciph.c1341
-rw-r--r--crypto/openssl/ssl/ssl_err.c500
-rw-r--r--crypto/openssl/ssl/ssl_err2.c70
-rw-r--r--crypto/openssl/ssl/ssl_lib.c2590
-rw-r--r--crypto/openssl/ssl/ssl_locl.h950
-rw-r--r--crypto/openssl/ssl/ssl_rsa.c777
-rw-r--r--crypto/openssl/ssl/ssl_sess.c767
-rw-r--r--crypto/openssl/ssl/ssl_stat.c502
-rw-r--r--crypto/openssl/ssl/ssl_task.c369
-rw-r--r--crypto/openssl/ssl/ssl_txt.c188
-rw-r--r--crypto/openssl/ssl/ssltest.c2294
-rw-r--r--crypto/openssl/ssl/t1_clnt.c79
-rw-r--r--crypto/openssl/ssl/t1_enc.c839
-rw-r--r--crypto/openssl/ssl/t1_lib.c119
-rw-r--r--crypto/openssl/ssl/t1_meth.c76
-rw-r--r--crypto/openssl/ssl/t1_srvr.c80
-rw-r--r--crypto/openssl/ssl/tls1.h305
-rw-r--r--crypto/openssl/test/CAss.cnf76
-rw-r--r--crypto/openssl/test/CAssdh.cnf24
-rw-r--r--crypto/openssl/test/CAssdsa.cnf23
-rw-r--r--crypto/openssl/test/CAssrsa.cnf24
-rw-r--r--crypto/openssl/test/Makefile624
-rw-r--r--crypto/openssl/test/P1ss.cnf37
-rw-r--r--crypto/openssl/test/P2ss.cnf45
-rw-r--r--crypto/openssl/test/Sssdsa.cnf27
-rw-r--r--crypto/openssl/test/Sssrsa.cnf26
-rw-r--r--crypto/openssl/test/Uss.cnf36
-rw-r--r--crypto/openssl/test/VMSca-response.11
-rw-r--r--crypto/openssl/test/VMSca-response.22
-rwxr-xr-xcrypto/openssl/test/bctest111
-rw-r--r--crypto/openssl/test/dummytest.c48
-rw-r--r--crypto/openssl/test/evptests.txt312
-rw-r--r--crypto/openssl/test/igetest.c486
-rw-r--r--crypto/openssl/test/methtest.c105
-rw-r--r--crypto/openssl/test/pkcs7-1.pem15
-rw-r--r--crypto/openssl/test/pkcs7.pem54
-rw-r--r--crypto/openssl/test/r160test.c57
-rw-r--r--crypto/openssl/test/tcrl78
-rw-r--r--crypto/openssl/test/test.cnf88
-rw-r--r--crypto/openssl/test/testca51
-rw-r--r--crypto/openssl/test/testcrl.pem16
-rw-r--r--crypto/openssl/test/testenc54
-rw-r--r--crypto/openssl/test/testfipsssl113
-rw-r--r--crypto/openssl/test/testgen44
-rw-r--r--crypto/openssl/test/testp7.pem46
-rw-r--r--crypto/openssl/test/testreq2.pem7
-rw-r--r--crypto/openssl/test/testrsa.pem9
-rw-r--r--crypto/openssl/test/testsid.pem12
-rw-r--r--crypto/openssl/test/testss163
-rw-r--r--crypto/openssl/test/testssl145
-rw-r--r--crypto/openssl/test/testsslproxy10
-rw-r--r--crypto/openssl/test/testx509.pem10
-rw-r--r--crypto/openssl/test/times113
-rw-r--r--crypto/openssl/test/tpkcs748
-rw-r--r--crypto/openssl/test/tpkcs7d41
-rw-r--r--crypto/openssl/test/treq83
-rw-r--r--crypto/openssl/test/trsa83
-rw-r--r--crypto/openssl/test/tsid78
-rw-r--r--crypto/openssl/test/tx50978
-rw-r--r--crypto/openssl/test/v3-cert1.pem16
-rw-r--r--crypto/openssl/test/v3-cert2.pem16
-rw-r--r--crypto/openssl/times/090/586-100.nt32
-rw-r--r--crypto/openssl/times/091/486-50.nt30
-rw-r--r--crypto/openssl/times/091/586-100.lnx32
-rw-r--r--crypto/openssl/times/091/68000.bsd32
-rw-r--r--crypto/openssl/times/091/686-200.lnx32
-rw-r--r--crypto/openssl/times/091/alpha064.osf32
-rw-r--r--crypto/openssl/times/091/alpha164.lnx32
-rw-r--r--crypto/openssl/times/091/alpha164.osf31
-rw-r--r--crypto/openssl/times/091/mips-rel.pl21
-rw-r--r--crypto/openssl/times/091/r10000.irx37
-rw-r--r--crypto/openssl/times/091/r3000.ult32
-rw-r--r--crypto/openssl/times/091/r4400.irx32
-rw-r--r--crypto/openssl/times/100.lnx32
-rw-r--r--crypto/openssl/times/100.nt29
-rw-r--r--crypto/openssl/times/200.lnx30
-rw-r--r--crypto/openssl/times/486-66.dos22
-rw-r--r--crypto/openssl/times/486-66.nt22
-rw-r--r--crypto/openssl/times/486-66.w3123
-rw-r--r--crypto/openssl/times/5.lnx29
-rw-r--r--crypto/openssl/times/586-085i.nt29
-rw-r--r--crypto/openssl/times/586-100.LN326
-rw-r--r--crypto/openssl/times/586-100.NT226
-rw-r--r--crypto/openssl/times/586-100.dos24
-rw-r--r--crypto/openssl/times/586-100.ln426
-rw-r--r--crypto/openssl/times/586-100.lnx23
-rw-r--r--crypto/openssl/times/586-100.nt23
-rw-r--r--crypto/openssl/times/586-100.ntx30
-rw-r--r--crypto/openssl/times/586-100.w3127
-rw-r--r--crypto/openssl/times/586-1002.lnx26
-rw-r--r--crypto/openssl/times/586p-100.lnx26
-rw-r--r--crypto/openssl/times/686-200.bsd25
-rw-r--r--crypto/openssl/times/686-200.lnx26
-rw-r--r--crypto/openssl/times/686-200.nt24
-rw-r--r--crypto/openssl/times/L127
-rw-r--r--crypto/openssl/times/R10000.t24
-rw-r--r--crypto/openssl/times/R4400.t26
-rw-r--r--crypto/openssl/times/aix.t34
-rw-r--r--crypto/openssl/times/aixold.t23
-rw-r--r--crypto/openssl/times/alpha.t81
-rw-r--r--crypto/openssl/times/alpha400.t25
-rw-r--r--crypto/openssl/times/cyrix100.lnx22
-rw-r--r--crypto/openssl/times/dgux-x86.t23
-rw-r--r--crypto/openssl/times/dgux.t17
-rw-r--r--crypto/openssl/times/hpux-acc.t25
-rw-r--r--crypto/openssl/times/hpux-kr.t23
-rw-r--r--crypto/openssl/times/hpux.t86
-rw-r--r--crypto/openssl/times/p2.w9522
-rw-r--r--crypto/openssl/times/pent2.t24
-rw-r--r--crypto/openssl/times/readme11
-rw-r--r--crypto/openssl/times/s586-100.lnx25
-rw-r--r--crypto/openssl/times/s586-100.nt23
-rw-r--r--crypto/openssl/times/sgi.t29
-rw-r--r--crypto/openssl/times/sparc.t26
-rw-r--r--crypto/openssl/times/sparc221
-rw-r--r--crypto/openssl/times/sparcLX.t22
-rw-r--r--crypto/openssl/times/usparc.t25
-rw-r--r--crypto/openssl/times/x86/bfs.cpp67
-rw-r--r--crypto/openssl/times/x86/casts.cpp67
-rw-r--r--crypto/openssl/times/x86/des3s.cpp67
-rw-r--r--crypto/openssl/times/x86/dess.cpp67
-rw-r--r--crypto/openssl/times/x86/md4s.cpp78
-rw-r--r--crypto/openssl/times/x86/md5s.cpp78
-rw-r--r--crypto/openssl/times/x86/rc4s.cpp73
-rw-r--r--crypto/openssl/times/x86/sha1s.cpp79
-rw-r--r--crypto/openssl/tools/Makefile58
-rwxr-xr-xcrypto/openssl/tools/c89.sh15
-rw-r--r--crypto/openssl/tools/c_hash9
-rw-r--r--crypto/openssl/tools/c_info12
-rw-r--r--crypto/openssl/tools/c_issuer10
-rw-r--r--crypto/openssl/tools/c_name10
-rw-r--r--crypto/openssl/tools/c_rehash160
-rw-r--r--crypto/openssl/tools/c_rehash.in160
-rwxr-xr-xcrypto/openssl/util/FreeBSD.sh6
-rwxr-xr-xcrypto/openssl/util/add_cr.pl123
-rwxr-xr-xcrypto/openssl/util/bat.sh134
-rwxr-xr-xcrypto/openssl/util/ck_errf.pl50
-rwxr-xr-xcrypto/openssl/util/clean-depend.pl54
-rw-r--r--crypto/openssl/util/copy.pl59
-rwxr-xr-xcrypto/openssl/util/deleof.pl7
-rw-r--r--crypto/openssl/util/dirname.pl18
-rwxr-xr-xcrypto/openssl/util/do_ms.sh19
-rwxr-xr-xcrypto/openssl/util/domd34
-rwxr-xr-xcrypto/openssl/util/err-ins.pl33
-rw-r--r--crypto/openssl/util/extract-names.pl26
-rw-r--r--crypto/openssl/util/extract-section.pl12
-rwxr-xr-xcrypto/openssl/util/files.pl61
-rwxr-xr-xcrypto/openssl/util/fixNT.sh14
-rwxr-xr-xcrypto/openssl/util/install.sh108
-rwxr-xr-xcrypto/openssl/util/libeay.num3411
-rwxr-xr-xcrypto/openssl/util/mk1mf.pl1091
-rwxr-xr-xcrypto/openssl/util/mkcerts.sh220
-rwxr-xr-xcrypto/openssl/util/mkdef.pl1442
-rwxr-xr-xcrypto/openssl/util/mkdir-p.pl34
-rw-r--r--crypto/openssl/util/mkerr.pl712
-rwxr-xr-xcrypto/openssl/util/mkfiles.pl123
-rwxr-xr-xcrypto/openssl/util/mklink.pl72
-rwxr-xr-xcrypto/openssl/util/mkstack.pl126
-rwxr-xr-xcrypto/openssl/util/opensslwrap.sh22
-rwxr-xr-xcrypto/openssl/util/perlpath.pl35
-rw-r--r--crypto/openssl/util/pl/BC-16.pl151
-rw-r--r--crypto/openssl/util/pl/BC-32.pl139
-rw-r--r--crypto/openssl/util/pl/Mingw32.pl106
-rw-r--r--crypto/openssl/util/pl/OS2-EMX.pl120
-rw-r--r--crypto/openssl/util/pl/VC-16.pl177
-rw-r--r--crypto/openssl/util/pl/VC-32.pl298
-rw-r--r--crypto/openssl/util/pl/VC-CE.pl116
-rw-r--r--crypto/openssl/util/pl/linux.pl104
-rw-r--r--crypto/openssl/util/pl/netware.pl341
-rw-r--r--crypto/openssl/util/pl/ultrix.pl38
-rw-r--r--crypto/openssl/util/pl/unix.pl96
-rwxr-xr-xcrypto/openssl/util/pod2man.pl1184
-rwxr-xr-xcrypto/openssl/util/pod2mantest58
-rw-r--r--crypto/openssl/util/pod2mantest.pod15
-rwxr-xr-xcrypto/openssl/util/point.sh10
-rw-r--r--crypto/openssl/util/selftest.pl201
-rwxr-xr-xcrypto/openssl/util/shlib_wrap.sh70
-rwxr-xr-xcrypto/openssl/util/sp-diff.pl80
-rwxr-xr-xcrypto/openssl/util/speed.sh39
-rwxr-xr-xcrypto/openssl/util/src-dep.pl147
-rwxr-xr-xcrypto/openssl/util/ssleay.num228
-rwxr-xr-xcrypto/openssl/util/tab_num.pl17
-rwxr-xr-xcrypto/openssl/util/x86asm.sh42
1799 files changed, 0 insertions, 451396 deletions
diff --git a/crypto/openssl/CHANGES b/crypto/openssl/CHANGES
deleted file mode 100644
index b25fde566438..000000000000
--- a/crypto/openssl/CHANGES
+++ /dev/null
@@ -1,7778 +0,0 @@
-
- OpenSSL CHANGES
- _______________
-
- Changes between 0.9.8c and 0.9.8d [28 Sep 2006]
-
- *) Introduce limits to prevent malicious keys being able to
- cause a denial of service. (CVE-2006-2940)
- [Steve Henson, Bodo Moeller]
-
- *) Fix ASN.1 parsing of certain invalid structures that can result
- in a denial of service. (CVE-2006-2937) [Steve Henson]
-
- *) Fix buffer overflow in SSL_get_shared_ciphers() function.
- (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
-
- *) Fix SSL client code which could crash if connecting to a
- malicious SSLv2 server. (CVE-2006-4343)
- [Tavis Ormandy and Will Drewry, Google Security Team]
-
- *) Since 0.9.8b, ciphersuite strings naming explicit ciphersuites
- match only those. Before that, "AES256-SHA" would be interpreted
- as a pattern and match "AES128-SHA" too (since AES128-SHA got
- the same strength classification in 0.9.7h) as we currently only
- have a single AES bit in the ciphersuite description bitmap.
- That change, however, also applied to ciphersuite strings such as
- "RC4-MD5" that intentionally matched multiple ciphersuites --
- namely, SSL 2.0 ciphersuites in addition to the more common ones
- from SSL 3.0/TLS 1.0.
-
- So we change the selection algorithm again: Naming an explicit
- ciphersuite selects this one ciphersuite, and any other similar
- ciphersuite (same bitmap) from *other* protocol versions.
- Thus, "RC4-MD5" again will properly select both the SSL 2.0
- ciphersuite and the SSL 3.0/TLS 1.0 ciphersuite.
-
- Since SSL 2.0 does not have any ciphersuites for which the
- 128/256 bit distinction would be relevant, this works for now.
- The proper fix will be to use different bits for AES128 and
- AES256, which would have avoided the problems from the beginning;
- however, bits are scarce, so we can only do this in a new release
- (not just a patchlevel) when we can change the SSL_CIPHER
- definition to split the single 'unsigned long mask' bitmap into
- multiple values to extend the available space.
-
- [Bodo Moeller]
-
- Changes between 0.9.8b and 0.9.8c [05 Sep 2006]
-
- *) Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
- (CVE-2006-4339) [Ben Laurie and Google Security Team]
-
- *) Add AES IGE and biIGE modes.
- [Ben Laurie]
-
- *) Change the Unix randomness entropy gathering to use poll() when
- possible instead of select(), since the latter has some
- undesirable limitations.
- [Darryl Miles via Richard Levitte and Bodo Moeller]
-
- *) Disable "ECCdraft" ciphersuites more thoroughly. Now special
- treatment in ssl/ssl_ciph.s makes sure that these ciphersuites
- cannot be implicitly activated as part of, e.g., the "AES" alias.
- However, please upgrade to OpenSSL 0.9.9[-dev] for
- non-experimental use of the ECC ciphersuites to get TLS extension
- support, which is required for curve and point format negotiation
- to avoid potential handshake problems.
- [Bodo Moeller]
-
- *) Disable rogue ciphersuites:
-
- - SSLv2 0x08 0x00 0x80 ("RC4-64-MD5")
- - SSLv3/TLSv1 0x00 0x61 ("EXP1024-RC2-CBC-MD5")
- - SSLv3/TLSv1 0x00 0x60 ("EXP1024-RC4-MD5")
-
- The latter two were purportedly from
- draft-ietf-tls-56-bit-ciphersuites-0[01].txt, but do not really
- appear there.
-
- Also deactive the remaining ciphersuites from
- draft-ietf-tls-56-bit-ciphersuites-01.txt. These are just as
- unofficial, and the ID has long expired.
- [Bodo Moeller]
-
- *) Fix RSA blinding Heisenbug (problems sometimes occured on
- dual-core machines) and other potential thread-safety issues.
- [Bodo Moeller]
-
- *) Add the symmetric cipher Camellia (128-bit, 192-bit, 256-bit key
- versions), which is now available for royalty-free use
- (see http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html).
- Also, add Camellia TLS ciphersuites from RFC 4132.
-
- To minimize changes between patchlevels in the OpenSSL 0.9.8
- series, Camellia remains excluded from compilation unless OpenSSL
- is configured with 'enable-camellia'.
- [NTT]
-
- *) Disable the padding bug check when compression is in use. The padding
- bug check assumes the first packet is of even length, this is not
- necessarily true if compresssion is enabled and can result in false
- positives causing handshake failure. The actual bug test is ancient
- code so it is hoped that implementations will either have fixed it by
- now or any which still have the bug do not support compression.
- [Steve Henson]
-
- Changes between 0.9.8a and 0.9.8b [04 May 2006]
-
- *) When applying a cipher rule check to see if string match is an explicit
- cipher suite and only match that one cipher suite if it is.
- [Steve Henson]
-
- *) Link in manifests for VC++ if needed.
- [Austin Ziegler <halostatue@gmail.com>]
-
- *) Update support for ECC-based TLS ciphersuites according to
- draft-ietf-tls-ecc-12.txt with proposed changes (but without
- TLS extensions, which are supported starting with the 0.9.9
- branch, not in the OpenSSL 0.9.8 branch).
- [Douglas Stebila]
-
- *) New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free() to support
- opaque EVP_CIPHER_CTX handling.
- [Steve Henson]
-
- *) Fixes and enhancements to zlib compression code. We now only use
- "zlib1.dll" and use the default __cdecl calling convention on Win32
- to conform with the standards mentioned here:
- http://www.zlib.net/DLL_FAQ.txt
- Static zlib linking now works on Windows and the new --with-zlib-include
- --with-zlib-lib options to Configure can be used to supply the location
- of the headers and library. Gracefully handle case where zlib library
- can't be loaded.
- [Steve Henson]
-
- *) Several fixes and enhancements to the OID generation code. The old code
- sometimes allowed invalid OIDs (1.X for X >= 40 for example), couldn't
- handle numbers larger than ULONG_MAX, truncated printing and had a
- non standard OBJ_obj2txt() behaviour.
- [Steve Henson]
-
- *) Add support for building of engines under engine/ as shared libraries
- under VC++ build system.
- [Steve Henson]
-
- *) Corrected the numerous bugs in the Win32 path splitter in DSO.
- Hopefully, we will not see any false combination of paths any more.
- [Richard Levitte]
-
- Changes between 0.9.8 and 0.9.8a [11 Oct 2005]
-
- *) Remove the functionality of SSL_OP_MSIE_SSLV2_RSA_PADDING
- (part of SSL_OP_ALL). This option used to disable the
- countermeasure against man-in-the-middle protocol-version
- rollback in the SSL 2.0 server implementation, which is a bad
- idea. (CVE-2005-2969)
-
- [Bodo Moeller; problem pointed out by Yutaka Oiwa (Research Center
- for Information Security, National Institute of Advanced Industrial
- Science and Technology [AIST], Japan)]
-
- *) Add two function to clear and return the verify parameter flags.
- [Steve Henson]
-
- *) Keep cipherlists sorted in the source instead of sorting them at
- runtime, thus removing the need for a lock.
- [Nils Larsch]
-
- *) Avoid some small subgroup attacks in Diffie-Hellman.
- [Nick Mathewson and Ben Laurie]
-
- *) Add functions for well-known primes.
- [Nick Mathewson]
-
- *) Extended Windows CE support.
- [Satoshi Nakamura and Andy Polyakov]
-
- *) Initialize SSL_METHOD structures at compile time instead of during
- runtime, thus removing the need for a lock.
- [Steve Henson]
-
- *) Make PKCS7_decrypt() work even if no certificate is supplied by
- attempting to decrypt each encrypted key in turn. Add support to
- smime utility.
- [Steve Henson]
-
- Changes between 0.9.7h and 0.9.8 [05 Jul 2005]
-
- [NB: OpenSSL 0.9.7i and later 0.9.7 patch levels were released after
- OpenSSL 0.9.8.]
-
- *) Add libcrypto.pc and libssl.pc for those who feel they need them.
- [Richard Levitte]
-
- *) Change CA.sh and CA.pl so they don't bundle the CSR and the private
- key into the same file any more.
- [Richard Levitte]
-
- *) Add initial support for Win64, both IA64 and AMD64/x64 flavors.
- [Andy Polyakov]
-
- *) Add -utf8 command line and config file option to 'ca'.
- [Stefan <stf@udoma.org]
-
- *) Removed the macro des_crypt(), as it seems to conflict with some
- libraries. Use DES_crypt().
- [Richard Levitte]
-
- *) Correct naming of the 'chil' and '4758cca' ENGINEs. This
- involves renaming the source and generated shared-libs for
- both. The engines will accept the corrected or legacy ids
- ('ncipher' and '4758_cca' respectively) when binding. NB,
- this only applies when building 'shared'.
- [Corinna Vinschen <vinschen@redhat.com> and Geoff Thorpe]
-
- *) Add attribute functions to EVP_PKEY structure. Modify
- PKCS12_create() to recognize a CSP name attribute and
- use it. Make -CSP option work again in pkcs12 utility.
- [Steve Henson]
-
- *) Add new functionality to the bn blinding code:
- - automatic re-creation of the BN_BLINDING parameters after
- a fixed number of uses (currently 32)
- - add new function for parameter creation
- - introduce flags to control the update behaviour of the
- BN_BLINDING parameters
- - hide BN_BLINDING structure
- Add a second BN_BLINDING slot to the RSA structure to improve
- performance when a single RSA object is shared among several
- threads.
- [Nils Larsch]
-
- *) Add support for DTLS.
- [Nagendra Modadugu <nagendra@cs.stanford.edu> and Ben Laurie]
-
- *) Add support for DER encoded private keys (SSL_FILETYPE_ASN1)
- to SSL_CTX_use_PrivateKey_file() and SSL_use_PrivateKey_file()
- [Walter Goulet]
-
- *) Remove buggy and incompletet DH cert support from
- ssl/ssl_rsa.c and ssl/s3_both.c
- [Nils Larsch]
-
- *) Use SHA-1 instead of MD5 as the default digest algorithm for
- the apps/openssl applications.
- [Nils Larsch]
-
- *) Compile clean with "-Wall -Wmissing-prototypes
- -Wstrict-prototypes -Wmissing-declarations -Werror". Currently
- DEBUG_SAFESTACK must also be set.
- [Ben Laurie]
-
- *) Change ./Configure so that certain algorithms can be disabled by default.
- The new counterpiece to "no-xxx" is "enable-xxx".
-
- The patented RC5 and MDC2 algorithms will now be disabled unless
- "enable-rc5" and "enable-mdc2", respectively, are specified.
-
- (IDEA remains enabled despite being patented. This is because IDEA
- is frequently required for interoperability, and there is no license
- fee for non-commercial use. As before, "no-idea" can be used to
- avoid this algorithm.)
-
- [Bodo Moeller]
-
- *) Add processing of proxy certificates (see RFC 3820). This work was
- sponsored by KTH (The Royal Institute of Technology in Stockholm) and
- EGEE (Enabling Grids for E-science in Europe).
- [Richard Levitte]
-
- *) RC4 performance overhaul on modern architectures/implementations, such
- as Intel P4, IA-64 and AMD64.
- [Andy Polyakov]
-
- *) New utility extract-section.pl. This can be used specify an alternative
- section number in a pod file instead of having to treat each file as
- a separate case in Makefile. This can be done by adding two lines to the
- pod file:
-
- =for comment openssl_section:XXX
-
- The blank line is mandatory.
-
- [Steve Henson]
-
- *) New arguments -certform, -keyform and -pass for s_client and s_server
- to allow alternative format key and certificate files and passphrase
- sources.
- [Steve Henson]
-
- *) New structure X509_VERIFY_PARAM which combines current verify parameters,
- update associated structures and add various utility functions.
-
- Add new policy related verify parameters, include policy checking in
- standard verify code. Enhance 'smime' application with extra parameters
- to support policy checking and print out.
- [Steve Henson]
-
- *) Add a new engine to support VIA PadLock ACE extensions in the VIA C3
- Nehemiah processors. These extensions support AES encryption in hardware
- as well as RNG (though RNG support is currently disabled).
- [Michal Ludvig <michal@logix.cz>, with help from Andy Polyakov]
-
- *) Deprecate BN_[get|set]_params() functions (they were ignored internally).
- [Geoff Thorpe]
-
- *) New FIPS 180-2 algorithms, SHA-224/-256/-384/-512 are implemented.
- [Andy Polyakov and a number of other people]
-
- *) Improved PowerPC platform support. Most notably BIGNUM assembler
- implementation contributed by IBM.
- [Suresh Chari, Peter Waltenberg, Andy Polyakov]
-
- *) The new 'RSA_generate_key_ex' function now takes a BIGNUM for the public
- exponent rather than 'unsigned long'. There is a corresponding change to
- the new 'rsa_keygen' element of the RSA_METHOD structure.
- [Jelte Jansen, Geoff Thorpe]
-
- *) Functionality for creating the initial serial number file is now
- moved from CA.pl to the 'ca' utility with a new option -create_serial.
-
- (Before OpenSSL 0.9.7e, CA.pl used to initialize the serial
- number file to 1, which is bound to cause problems. To avoid
- the problems while respecting compatibility between different 0.9.7
- patchlevels, 0.9.7e employed 'openssl x509 -next_serial' in
- CA.pl for serial number initialization. With the new release 0.9.8,
- we can fix the problem directly in the 'ca' utility.)
- [Steve Henson]
-
- *) Reduced header interdepencies by declaring more opaque objects in
- ossl_typ.h. As a consequence, including some headers (eg. engine.h) will
- give fewer recursive includes, which could break lazy source code - so
- this change is covered by the OPENSSL_NO_DEPRECATED symbol. As always,
- developers should define this symbol when building and using openssl to
- ensure they track the recommended behaviour, interfaces, [etc], but
- backwards-compatible behaviour prevails when this isn't defined.
- [Geoff Thorpe]
-
- *) New function X509_POLICY_NODE_print() which prints out policy nodes.
- [Steve Henson]
-
- *) Add new EVP function EVP_CIPHER_CTX_rand_key and associated functionality.
- This will generate a random key of the appropriate length based on the
- cipher context. The EVP_CIPHER can provide its own random key generation
- routine to support keys of a specific form. This is used in the des and
- 3des routines to generate a key of the correct parity. Update S/MIME
- code to use new functions and hence generate correct parity DES keys.
- Add EVP_CHECK_DES_KEY #define to return an error if the key is not
- valid (weak or incorrect parity).
- [Steve Henson]
-
- *) Add a local set of CRLs that can be used by X509_verify_cert() as well
- as looking them up. This is useful when the verified structure may contain
- CRLs, for example PKCS#7 signedData. Modify PKCS7_verify() to use any CRLs
- present unless the new PKCS7_NO_CRL flag is asserted.
- [Steve Henson]
-
- *) Extend ASN1 oid configuration module. It now additionally accepts the
- syntax:
-
- shortName = some long name, 1.2.3.4
- [Steve Henson]
-
- *) Reimplemented the BN_CTX implementation. There is now no more static
- limitation on the number of variables it can handle nor the depth of the
- "stack" handling for BN_CTX_start()/BN_CTX_end() pairs. The stack
- information can now expand as required, and rather than having a single
- static array of bignums, BN_CTX now uses a linked-list of such arrays
- allowing it to expand on demand whilst maintaining the usefulness of
- BN_CTX's "bundling".
- [Geoff Thorpe]
-
- *) Add a missing BN_CTX parameter to the 'rsa_mod_exp' callback in RSA_METHOD
- to allow all RSA operations to function using a single BN_CTX.
- [Geoff Thorpe]
-
- *) Preliminary support for certificate policy evaluation and checking. This
- is initially intended to pass the tests outlined in "Conformance Testing
- of Relying Party Client Certificate Path Processing Logic" v1.07.
- [Steve Henson]
-
- *) bn_dup_expand() has been deprecated, it was introduced in 0.9.7 and
- remained unused and not that useful. A variety of other little bignum
- tweaks and fixes have also been made continuing on from the audit (see
- below).
- [Geoff Thorpe]
-
- *) Constify all or almost all d2i, c2i, s2i and r2i functions, along with
- associated ASN1, EVP and SSL functions and old ASN1 macros.
- [Richard Levitte]
-
- *) BN_zero() only needs to set 'top' and 'neg' to zero for correct results,
- and this should never fail. So the return value from the use of
- BN_set_word() (which can fail due to needless expansion) is now deprecated;
- if OPENSSL_NO_DEPRECATED is defined, BN_zero() is a void macro.
- [Geoff Thorpe]
-
- *) BN_CTX_get() should return zero-valued bignums, providing the same
- initialised value as BN_new().
- [Geoff Thorpe, suggested by Ulf Möller]
-
- *) Support for inhibitAnyPolicy certificate extension.
- [Steve Henson]
-
- *) An audit of the BIGNUM code is underway, for which debugging code is
- enabled when BN_DEBUG is defined. This makes stricter enforcements on what
- is considered valid when processing BIGNUMs, and causes execution to
- assert() when a problem is discovered. If BN_DEBUG_RAND is defined,
- further steps are taken to deliberately pollute unused data in BIGNUM
- structures to try and expose faulty code further on. For now, openssl will
- (in its default mode of operation) continue to tolerate the inconsistent
- forms that it has tolerated in the past, but authors and packagers should
- consider trying openssl and their own applications when compiled with
- these debugging symbols defined. It will help highlight potential bugs in
- their own code, and will improve the test coverage for OpenSSL itself. At
- some point, these tighter rules will become openssl's default to improve
- maintainability, though the assert()s and other overheads will remain only
- in debugging configurations. See bn.h for more details.
- [Geoff Thorpe, Nils Larsch, Ulf Möller]
-
- *) BN_CTX_init() has been deprecated, as BN_CTX is an opaque structure
- that can only be obtained through BN_CTX_new() (which implicitly
- initialises it). The presence of this function only made it possible
- to overwrite an existing structure (and cause memory leaks).
- [Geoff Thorpe]
-
- *) Because of the callback-based approach for implementing LHASH as a
- template type, lh_insert() adds opaque objects to hash-tables and
- lh_doall() or lh_doall_arg() are typically used with a destructor callback
- to clean up those corresponding objects before destroying the hash table
- (and losing the object pointers). So some over-zealous constifications in
- LHASH have been relaxed so that lh_insert() does not take (nor store) the
- objects as "const" and the lh_doall[_arg] callback wrappers are not
- prototyped to have "const" restrictions on the object pointers they are
- given (and so aren't required to cast them away any more).
- [Geoff Thorpe]
-
- *) The tmdiff.h API was so ugly and minimal that our own timing utility
- (speed) prefers to use its own implementation. The two implementations
- haven't been consolidated as yet (volunteers?) but the tmdiff API has had
- its object type properly exposed (MS_TM) instead of casting to/from "char
- *". This may still change yet if someone realises MS_TM and "ms_time_***"
- aren't necessarily the greatest nomenclatures - but this is what was used
- internally to the implementation so I've used that for now.
- [Geoff Thorpe]
-
- *) Ensure that deprecated functions do not get compiled when
- OPENSSL_NO_DEPRECATED is defined. Some "openssl" subcommands and a few of
- the self-tests were still using deprecated key-generation functions so
- these have been updated also.
- [Geoff Thorpe]
-
- *) Reorganise PKCS#7 code to separate the digest location functionality
- into PKCS7_find_digest(), digest addtion into PKCS7_bio_add_digest().
- New function PKCS7_set_digest() to set the digest type for PKCS#7
- digestedData type. Add additional code to correctly generate the
- digestedData type and add support for this type in PKCS7 initialization
- functions.
- [Steve Henson]
-
- *) New function PKCS7_set0_type_other() this initializes a PKCS7
- structure of type "other".
- [Steve Henson]
-
- *) Fix prime generation loop in crypto/bn/bn_prime.pl by making
- sure the loop does correctly stop and breaking ("division by zero")
- modulus operations are not performed. The (pre-generated) prime
- table crypto/bn/bn_prime.h was already correct, but it could not be
- re-generated on some platforms because of the "division by zero"
- situation in the script.
- [Ralf S. Engelschall]
-
- *) Update support for ECC-based TLS ciphersuites according to
- draft-ietf-tls-ecc-03.txt: the KDF1 key derivation function with
- SHA-1 now is only used for "small" curves (where the
- representation of a field element takes up to 24 bytes); for
- larger curves, the field element resulting from ECDH is directly
- used as premaster secret.
- [Douglas Stebila (Sun Microsystems Laboratories)]
-
- *) Add code for kP+lQ timings to crypto/ec/ectest.c, and add SEC2
- curve secp160r1 to the tests.
- [Douglas Stebila (Sun Microsystems Laboratories)]
-
- *) Add the possibility to load symbols globally with DSO.
- [Götz Babin-Ebell <babin-ebell@trustcenter.de> via Richard Levitte]
-
- *) Add the functions ERR_set_mark() and ERR_pop_to_mark() for better
- control of the error stack.
- [Richard Levitte]
-
- *) Add support for STORE in ENGINE.
- [Richard Levitte]
-
- *) Add the STORE type. The intention is to provide a common interface
- to certificate and key stores, be they simple file-based stores, or
- HSM-type store, or LDAP stores, or...
- NOTE: The code is currently UNTESTED and isn't really used anywhere.
- [Richard Levitte]
-
- *) Add a generic structure called OPENSSL_ITEM. This can be used to
- pass a list of arguments to any function as well as provide a way
- for a function to pass data back to the caller.
- [Richard Levitte]
-
- *) Add the functions BUF_strndup() and BUF_memdup(). BUF_strndup()
- works like BUF_strdup() but can be used to duplicate a portion of
- a string. The copy gets NUL-terminated. BUF_memdup() duplicates
- a memory area.
- [Richard Levitte]
-
- *) Add the function sk_find_ex() which works like sk_find(), but will
- return an index to an element even if an exact match couldn't be
- found. The index is guaranteed to point at the element where the
- searched-for key would be inserted to preserve sorting order.
- [Richard Levitte]
-
- *) Add the function OBJ_bsearch_ex() which works like OBJ_bsearch() but
- takes an extra flags argument for optional functionality. Currently,
- the following flags are defined:
-
- OBJ_BSEARCH_VALUE_ON_NOMATCH
- This one gets OBJ_bsearch_ex() to return a pointer to the first
- element where the comparing function returns a negative or zero
- number.
-
- OBJ_BSEARCH_FIRST_VALUE_ON_MATCH
- This one gets OBJ_bsearch_ex() to return a pointer to the first
- element where the comparing function returns zero. This is useful
- if there are more than one element where the comparing function
- returns zero.
- [Richard Levitte]
-
- *) Make it possible to create self-signed certificates with 'openssl ca'
- in such a way that the self-signed certificate becomes part of the
- CA database and uses the same mechanisms for serial number generation
- as all other certificate signing. The new flag '-selfsign' enables
- this functionality. Adapt CA.sh and CA.pl.in.
- [Richard Levitte]
-
- *) Add functionality to check the public key of a certificate request
- against a given private. This is useful to check that a certificate
- request can be signed by that key (self-signing).
- [Richard Levitte]
-
- *) Make it possible to have multiple active certificates with the same
- subject in the CA index file. This is done only if the keyword
- 'unique_subject' is set to 'no' in the main CA section (default
- if 'CA_default') of the configuration file. The value is saved
- with the database itself in a separate index attribute file,
- named like the index file with '.attr' appended to the name.
- [Richard Levitte]
-
- *) Generate muti valued AVAs using '+' notation in config files for
- req and dirName.
- [Steve Henson]
-
- *) Support for nameConstraints certificate extension.
- [Steve Henson]
-
- *) Support for policyConstraints certificate extension.
- [Steve Henson]
-
- *) Support for policyMappings certificate extension.
- [Steve Henson]
-
- *) Make sure the default DSA_METHOD implementation only uses its
- dsa_mod_exp() and/or bn_mod_exp() handlers if they are non-NULL,
- and change its own handlers to be NULL so as to remove unnecessary
- indirection. This lets alternative implementations fallback to the
- default implementation more easily.
- [Geoff Thorpe]
-
- *) Support for directoryName in GeneralName related extensions
- in config files.
- [Steve Henson]
-
- *) Make it possible to link applications using Makefile.shared.
- Make that possible even when linking against static libraries!
- [Richard Levitte]
-
- *) Support for single pass processing for S/MIME signing. This now
- means that S/MIME signing can be done from a pipe, in addition
- cleartext signing (multipart/signed type) is effectively streaming
- and the signed data does not need to be all held in memory.
-
- This is done with a new flag PKCS7_STREAM. When this flag is set
- PKCS7_sign() only initializes the PKCS7 structure and the actual signing
- is done after the data is output (and digests calculated) in
- SMIME_write_PKCS7().
- [Steve Henson]
-
- *) Add full support for -rpath/-R, both in shared libraries and
- applications, at least on the platforms where it's known how
- to do it.
- [Richard Levitte]
-
- *) In crypto/ec/ec_mult.c, implement fast point multiplication with
- precomputation, based on wNAF splitting: EC_GROUP_precompute_mult()
- will now compute a table of multiples of the generator that
- makes subsequent invocations of EC_POINTs_mul() or EC_POINT_mul()
- faster (notably in the case of a single point multiplication,
- scalar * generator).
- [Nils Larsch, Bodo Moeller]
-
- *) IPv6 support for certificate extensions. The various extensions
- which use the IP:a.b.c.d can now take IPv6 addresses using the
- formats of RFC1884 2.2 . IPv6 addresses are now also displayed
- correctly.
- [Steve Henson]
-
- *) Added an ENGINE that implements RSA by performing private key
- exponentiations with the GMP library. The conversions to and from
- GMP's mpz_t format aren't optimised nor are any montgomery forms
- cached, and on x86 it appears OpenSSL's own performance has caught up.
- However there are likely to be other architectures where GMP could
- provide a boost. This ENGINE is not built in by default, but it can be
- specified at Configure time and should be accompanied by the necessary
- linker additions, eg;
- ./config -DOPENSSL_USE_GMP -lgmp
- [Geoff Thorpe]
-
- *) "openssl engine" will not display ENGINE/DSO load failure errors when
- testing availability of engines with "-t" - the old behaviour is
- produced by increasing the feature's verbosity with "-tt".
- [Geoff Thorpe]
-
- *) ECDSA routines: under certain error conditions uninitialized BN objects
- could be freed. Solution: make sure initialization is performed early
- enough. (Reported and fix supplied by Nils Larsch <nla@trustcenter.de>
- via PR#459)
- [Lutz Jaenicke]
-
- *) Key-generation can now be implemented in RSA_METHOD, DSA_METHOD
- and DH_METHOD (eg. by ENGINE implementations) to override the normal
- software implementations. For DSA and DH, parameter generation can
- also be overriden by providing the appropriate method callbacks.
- [Geoff Thorpe]
-
- *) Change the "progress" mechanism used in key-generation and
- primality testing to functions that take a new BN_GENCB pointer in
- place of callback/argument pairs. The new API functions have "_ex"
- postfixes and the older functions are reimplemented as wrappers for
- the new ones. The OPENSSL_NO_DEPRECATED symbol can be used to hide
- declarations of the old functions to help (graceful) attempts to
- migrate to the new functions. Also, the new key-generation API
- functions operate on a caller-supplied key-structure and return
- success/failure rather than returning a key or NULL - this is to
- help make "keygen" another member function of RSA_METHOD etc.
-
- Example for using the new callback interface:
-
- int (*my_callback)(int a, int b, BN_GENCB *cb) = ...;
- void *my_arg = ...;
- BN_GENCB my_cb;
-
- BN_GENCB_set(&my_cb, my_callback, my_arg);
-
- return BN_is_prime_ex(some_bignum, BN_prime_checks, NULL, &cb);
- /* For the meaning of a, b in calls to my_callback(), see the
- * documentation of the function that calls the callback.
- * cb will point to my_cb; my_arg can be retrieved as cb->arg.
- * my_callback should return 1 if it wants BN_is_prime_ex()
- * to continue, or 0 to stop.
- */
-
- [Geoff Thorpe]
-
- *) Change the ZLIB compression method to be stateful, and make it
- available to TLS with the number defined in
- draft-ietf-tls-compression-04.txt.
- [Richard Levitte]
-
- *) Add the ASN.1 structures and functions for CertificatePair, which
- is defined as follows (according to X.509_4thEditionDraftV6.pdf):
-
- CertificatePair ::= SEQUENCE {
- forward [0] Certificate OPTIONAL,
- reverse [1] Certificate OPTIONAL,
- -- at least one of the pair shall be present -- }
-
- Also implement the PEM functions to read and write certificate
- pairs, and defined the PEM tag as "CERTIFICATE PAIR".
-
- This needed to be defined, mostly for the sake of the LDAP
- attribute crossCertificatePair, but may prove useful elsewhere as
- well.
- [Richard Levitte]
-
- *) Make it possible to inhibit symlinking of shared libraries in
- Makefile.shared, for Cygwin's sake.
- [Richard Levitte]
-
- *) Extend the BIGNUM API by creating a function
- void BN_set_negative(BIGNUM *a, int neg);
- and a macro that behave like
- int BN_is_negative(const BIGNUM *a);
-
- to avoid the need to access 'a->neg' directly in applications.
- [Nils Larsch]
-
- *) Implement fast modular reduction for pseudo-Mersenne primes
- used in NIST curves (crypto/bn/bn_nist.c, crypto/ec/ecp_nist.c).
- EC_GROUP_new_curve_GFp() will now automatically use this
- if applicable.
- [Nils Larsch <nla@trustcenter.de>]
-
- *) Add new lock type (CRYPTO_LOCK_BN).
- [Bodo Moeller]
-
- *) Change the ENGINE framework to automatically load engines
- dynamically from specific directories unless they could be
- found to already be built in or loaded. Move all the
- current engines except for the cryptodev one to a new
- directory engines/.
- The engines in engines/ are built as shared libraries if
- the "shared" options was given to ./Configure or ./config.
- Otherwise, they are inserted in libcrypto.a.
- /usr/local/ssl/engines is the default directory for dynamic
- engines, but that can be overriden at configure time through
- the usual use of --prefix and/or --openssldir, and at run
- time with the environment variable OPENSSL_ENGINES.
- [Geoff Thorpe and Richard Levitte]
-
- *) Add Makefile.shared, a helper makefile to build shared
- libraries. Addapt Makefile.org.
- [Richard Levitte]
-
- *) Add version info to Win32 DLLs.
- [Peter 'Luna' Runestig" <peter@runestig.com>]
-
- *) Add new 'medium level' PKCS#12 API. Certificates and keys
- can be added using this API to created arbitrary PKCS#12
- files while avoiding the low level API.
-
- New options to PKCS12_create(), key or cert can be NULL and
- will then be omitted from the output file. The encryption
- algorithm NIDs can be set to -1 for no encryption, the mac
- iteration count can be set to 0 to omit the mac.
-
- Enhance pkcs12 utility by making the -nokeys and -nocerts
- options work when creating a PKCS#12 file. New option -nomac
- to omit the mac, NONE can be set for an encryption algorithm.
- New code is modified to use the enhanced PKCS12_create()
- instead of the low level API.
- [Steve Henson]
-
- *) Extend ASN1 encoder to support indefinite length constructed
- encoding. This can output sequences tags and octet strings in
- this form. Modify pk7_asn1.c to support indefinite length
- encoding. This is experimental and needs additional code to
- be useful, such as an ASN1 bio and some enhanced streaming
- PKCS#7 code.
-
- Extend template encode functionality so that tagging is passed
- down to the template encoder.
- [Steve Henson]
-
- *) Let 'openssl req' fail if an argument to '-newkey' is not
- recognized instead of using RSA as a default.
- [Bodo Moeller]
-
- *) Add support for ECC-based ciphersuites from draft-ietf-tls-ecc-01.txt.
- As these are not official, they are not included in "ALL";
- the "ECCdraft" ciphersuite group alias can be used to select them.
- [Vipul Gupta and Sumit Gupta (Sun Microsystems Laboratories)]
-
- *) Add ECDH engine support.
- [Nils Gura and Douglas Stebila (Sun Microsystems Laboratories)]
-
- *) Add ECDH in new directory crypto/ecdh/.
- [Douglas Stebila (Sun Microsystems Laboratories)]
-
- *) Let BN_rand_range() abort with an error after 100 iterations
- without success (which indicates a broken PRNG).
- [Bodo Moeller]
-
- *) Change BN_mod_sqrt() so that it verifies that the input value
- is really the square of the return value. (Previously,
- BN_mod_sqrt would show GIGO behaviour.)
- [Bodo Moeller]
-
- *) Add named elliptic curves over binary fields from X9.62, SECG,
- and WAP/WTLS; add OIDs that were still missing.
-
- [Sheueling Chang Shantz and Douglas Stebila
- (Sun Microsystems Laboratories)]
-
- *) Extend the EC library for elliptic curves over binary fields
- (new files ec2_smpl.c, ec2_smpt.c, ec2_mult.c in crypto/ec/).
- New EC_METHOD:
-
- EC_GF2m_simple_method
-
- New API functions:
-
- EC_GROUP_new_curve_GF2m
- EC_GROUP_set_curve_GF2m
- EC_GROUP_get_curve_GF2m
- EC_POINT_set_affine_coordinates_GF2m
- EC_POINT_get_affine_coordinates_GF2m
- EC_POINT_set_compressed_coordinates_GF2m
-
- Point compression for binary fields is disabled by default for
- patent reasons (compile with OPENSSL_EC_BIN_PT_COMP defined to
- enable it).
-
- As binary polynomials are represented as BIGNUMs, various members
- of the EC_GROUP and EC_POINT data structures can be shared
- between the implementations for prime fields and binary fields;
- the above ..._GF2m functions (except for EX_GROUP_new_curve_GF2m)
- are essentially identical to their ..._GFp counterparts.
- (For simplicity, the '..._GFp' prefix has been dropped from
- various internal method names.)
-
- An internal 'field_div' method (similar to 'field_mul' and
- 'field_sqr') has been added; this is used only for binary fields.
-
- [Sheueling Chang Shantz and Douglas Stebila
- (Sun Microsystems Laboratories)]
-
- *) Optionally dispatch EC_POINT_mul(), EC_POINT_precompute_mult()
- through methods ('mul', 'precompute_mult').
-
- The generic implementations (now internally called 'ec_wNAF_mul'
- and 'ec_wNAF_precomputed_mult') remain the default if these
- methods are undefined.
-
- [Sheueling Chang Shantz and Douglas Stebila
- (Sun Microsystems Laboratories)]
-
- *) New function EC_GROUP_get_degree, which is defined through
- EC_METHOD. For curves over prime fields, this returns the bit
- length of the modulus.
-
- [Sheueling Chang Shantz and Douglas Stebila
- (Sun Microsystems Laboratories)]
-
- *) New functions EC_GROUP_dup, EC_POINT_dup.
- (These simply call ..._new and ..._copy).
-
- [Sheueling Chang Shantz and Douglas Stebila
- (Sun Microsystems Laboratories)]
-
- *) Add binary polynomial arithmetic software in crypto/bn/bn_gf2m.c.
- Polynomials are represented as BIGNUMs (where the sign bit is not
- used) in the following functions [macros]:
-
- BN_GF2m_add
- BN_GF2m_sub [= BN_GF2m_add]
- BN_GF2m_mod [wrapper for BN_GF2m_mod_arr]
- BN_GF2m_mod_mul [wrapper for BN_GF2m_mod_mul_arr]
- BN_GF2m_mod_sqr [wrapper for BN_GF2m_mod_sqr_arr]
- BN_GF2m_mod_inv
- BN_GF2m_mod_exp [wrapper for BN_GF2m_mod_exp_arr]
- BN_GF2m_mod_sqrt [wrapper for BN_GF2m_mod_sqrt_arr]
- BN_GF2m_mod_solve_quad [wrapper for BN_GF2m_mod_solve_quad_arr]
- BN_GF2m_cmp [= BN_ucmp]
-
- (Note that only the 'mod' functions are actually for fields GF(2^m).
- BN_GF2m_add() is misnomer, but this is for the sake of consistency.)
-
- For some functions, an the irreducible polynomial defining a
- field can be given as an 'unsigned int[]' with strictly
- decreasing elements giving the indices of those bits that are set;
- i.e., p[] represents the polynomial
- f(t) = t^p[0] + t^p[1] + ... + t^p[k]
- where
- p[0] > p[1] > ... > p[k] = 0.
- This applies to the following functions:
-
- BN_GF2m_mod_arr
- BN_GF2m_mod_mul_arr
- BN_GF2m_mod_sqr_arr
- BN_GF2m_mod_inv_arr [wrapper for BN_GF2m_mod_inv]
- BN_GF2m_mod_div_arr [wrapper for BN_GF2m_mod_div]
- BN_GF2m_mod_exp_arr
- BN_GF2m_mod_sqrt_arr
- BN_GF2m_mod_solve_quad_arr
- BN_GF2m_poly2arr
- BN_GF2m_arr2poly
-
- Conversion can be performed by the following functions:
-
- BN_GF2m_poly2arr
- BN_GF2m_arr2poly
-
- bntest.c has additional tests for binary polynomial arithmetic.
-
- Two implementations for BN_GF2m_mod_div() are available.
- The default algorithm simply uses BN_GF2m_mod_inv() and
- BN_GF2m_mod_mul(). The alternative algorithm is compiled in only
- if OPENSSL_SUN_GF2M_DIV is defined (patent pending; read the
- copyright notice in crypto/bn/bn_gf2m.c before enabling it).
-
- [Sheueling Chang Shantz and Douglas Stebila
- (Sun Microsystems Laboratories)]
-
- *) Add new error code 'ERR_R_DISABLED' that can be used when some
- functionality is disabled at compile-time.
- [Douglas Stebila <douglas.stebila@sun.com>]
-
- *) Change default behaviour of 'openssl asn1parse' so that more
- information is visible when viewing, e.g., a certificate:
-
- Modify asn1_parse2 (crypto/asn1/asn1_par.c) so that in non-'dump'
- mode the content of non-printable OCTET STRINGs is output in a
- style similar to INTEGERs, but with '[HEX DUMP]' prepended to
- avoid the appearance of a printable string.
- [Nils Larsch <nla@trustcenter.de>]
-
- *) Add 'asn1_flag' and 'asn1_form' member to EC_GROUP with access
- functions
- EC_GROUP_set_asn1_flag()
- EC_GROUP_get_asn1_flag()
- EC_GROUP_set_point_conversion_form()
- EC_GROUP_get_point_conversion_form()
- These control ASN1 encoding details:
- - Curves (i.e., groups) are encoded explicitly unless asn1_flag
- has been set to OPENSSL_EC_NAMED_CURVE.
- - Points are encoded in uncompressed form by default; options for
- asn1_for are as for point2oct, namely
- POINT_CONVERSION_COMPRESSED
- POINT_CONVERSION_UNCOMPRESSED
- POINT_CONVERSION_HYBRID
-
- Also add 'seed' and 'seed_len' members to EC_GROUP with access
- functions
- EC_GROUP_set_seed()
- EC_GROUP_get0_seed()
- EC_GROUP_get_seed_len()
- This is used only for ASN1 purposes (so far).
- [Nils Larsch <nla@trustcenter.de>]
-
- *) Add 'field_type' member to EC_METHOD, which holds the NID
- of the appropriate field type OID. The new function
- EC_METHOD_get_field_type() returns this value.
- [Nils Larsch <nla@trustcenter.de>]
-
- *) Add functions
- EC_POINT_point2bn()
- EC_POINT_bn2point()
- EC_POINT_point2hex()
- EC_POINT_hex2point()
- providing useful interfaces to EC_POINT_point2oct() and
- EC_POINT_oct2point().
- [Nils Larsch <nla@trustcenter.de>]
-
- *) Change internals of the EC library so that the functions
- EC_GROUP_set_generator()
- EC_GROUP_get_generator()
- EC_GROUP_get_order()
- EC_GROUP_get_cofactor()
- are implemented directly in crypto/ec/ec_lib.c and not dispatched
- to methods, which would lead to unnecessary code duplication when
- adding different types of curves.
- [Nils Larsch <nla@trustcenter.de> with input by Bodo Moeller]
-
- *) Implement compute_wNAF (crypto/ec/ec_mult.c) without BIGNUM
- arithmetic, and such that modified wNAFs are generated
- (which avoid length expansion in many cases).
- [Bodo Moeller]
-
- *) Add a function EC_GROUP_check_discriminant() (defined via
- EC_METHOD) that verifies that the curve discriminant is non-zero.
-
- Add a function EC_GROUP_check() that makes some sanity tests
- on a EC_GROUP, its generator and order. This includes
- EC_GROUP_check_discriminant().
- [Nils Larsch <nla@trustcenter.de>]
-
- *) Add ECDSA in new directory crypto/ecdsa/.
-
- Add applications 'openssl ecparam' and 'openssl ecdsa'
- (these are based on 'openssl dsaparam' and 'openssl dsa').
-
- ECDSA support is also included in various other files across the
- library. Most notably,
- - 'openssl req' now has a '-newkey ecdsa:file' option;
- - EVP_PKCS82PKEY (crypto/evp/evp_pkey.c) now can handle ECDSA;
- - X509_PUBKEY_get (crypto/asn1/x_pubkey.c) and
- d2i_PublicKey (crypto/asn1/d2i_pu.c) have been modified to make
- them suitable for ECDSA where domain parameters must be
- extracted before the specific public key;
- - ECDSA engine support has been added.
- [Nils Larsch <nla@trustcenter.de>]
-
- *) Include some named elliptic curves, and add OIDs from X9.62,
- SECG, and WAP/WTLS. Each curve can be obtained from the new
- function
- EC_GROUP_new_by_curve_name(),
- and the list of available named curves can be obtained with
- EC_get_builtin_curves().
- Also add a 'curve_name' member to EC_GROUP objects, which can be
- accessed via
- EC_GROUP_set_curve_name()
- EC_GROUP_get_curve_name()
- [Nils Larsch <larsch@trustcenter.de, Bodo Moeller]
-
- *) Remove a few calls to bn_wexpand() in BN_sqr() (the one in there
- was actually never needed) and in BN_mul(). The removal in BN_mul()
- required a small change in bn_mul_part_recursive() and the addition
- of the functions bn_cmp_part_words(), bn_sub_part_words() and
- bn_add_part_words(), which do the same thing as bn_cmp_words(),
- bn_sub_words() and bn_add_words() except they take arrays with
- differing sizes.
- [Richard Levitte]
-
- Changes between 0.9.7k and 0.9.7l [xx XXX xxxx]
-
- *) Change ciphersuite string processing so that an explicit
- ciphersuite selects this one ciphersuite (so that "AES256-SHA"
- will no longer include "AES128-SHA"), and any other similar
- ciphersuite (same bitmap) from *other* protocol versions (so that
- "RC4-MD5" will still include both the SSL 2.0 ciphersuite and the
- SSL 3.0/TLS 1.0 ciphersuite). This is a backport combining
- changes from 0.9.8b and 0.9.8d.
- [Bodo Moeller]
-
- Changes between 0.9.7j and 0.9.7k [05 Sep 2006]
-
- *) Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
- (CVE-2006-4339) [Ben Laurie and Google Security Team]
-
- *) Change the Unix randomness entropy gathering to use poll() when
- possible instead of select(), since the latter has some
- undesirable limitations.
- [Darryl Miles via Richard Levitte and Bodo Moeller]
-
- *) Disable rogue ciphersuites:
-
- - SSLv2 0x08 0x00 0x80 ("RC4-64-MD5")
- - SSLv3/TLSv1 0x00 0x61 ("EXP1024-RC2-CBC-MD5")
- - SSLv3/TLSv1 0x00 0x60 ("EXP1024-RC4-MD5")
-
- The latter two were purportedly from
- draft-ietf-tls-56-bit-ciphersuites-0[01].txt, but do not really
- appear there.
-
- Also deactive the remaining ciphersuites from
- draft-ietf-tls-56-bit-ciphersuites-01.txt. These are just as
- unofficial, and the ID has long expired.
- [Bodo Moeller]
-
- *) Fix RSA blinding Heisenbug (problems sometimes occured on
- dual-core machines) and other potential thread-safety issues.
- [Bodo Moeller]
-
- Changes between 0.9.7i and 0.9.7j [04 May 2006]
-
- *) Adapt fipsld and the build system to link against the validated FIPS
- module in FIPS mode.
- [Steve Henson]
-
- *) Fixes for VC++ 2005 build under Windows.
- [Steve Henson]
-
- *) Add new Windows build target VC-32-GMAKE for VC++. This uses GNU make
- from a Windows bash shell such as MSYS. It is autodetected from the
- "config" script when run from a VC++ environment. Modify standard VC++
- build to use fipscanister.o from the GNU make build.
- [Steve Henson]
-
- Changes between 0.9.7h and 0.9.7i [14 Oct 2005]
-
- *) Wrapped the definition of EVP_MAX_MD_SIZE in a #ifdef OPENSSL_FIPS.
- The value now differs depending on if you build for FIPS or not.
- BEWARE! A program linked with a shared FIPSed libcrypto can't be
- safely run with a non-FIPSed libcrypto, as it may crash because of
- the difference induced by this change.
- [Andy Polyakov]
-
- Changes between 0.9.7g and 0.9.7h [11 Oct 2005]
-
- *) Remove the functionality of SSL_OP_MSIE_SSLV2_RSA_PADDING
- (part of SSL_OP_ALL). This option used to disable the
- countermeasure against man-in-the-middle protocol-version
- rollback in the SSL 2.0 server implementation, which is a bad
- idea. (CVE-2005-2969)
-
- [Bodo Moeller; problem pointed out by Yutaka Oiwa (Research Center
- for Information Security, National Institute of Advanced Industrial
- Science and Technology [AIST], Japan)]
-
- *) Minimal support for X9.31 signatures and PSS padding modes. This is
- mainly for FIPS compliance and not fully integrated at this stage.
- [Steve Henson]
-
- *) For DSA signing, unless DSA_FLAG_NO_EXP_CONSTTIME is set, perform
- the exponentiation using a fixed-length exponent. (Otherwise,
- the information leaked through timing could expose the secret key
- after many signatures; cf. Bleichenbacher's attack on DSA with
- biased k.)
- [Bodo Moeller]
-
- *) Make a new fixed-window mod_exp implementation the default for
- RSA, DSA, and DH private-key operations so that the sequence of
- squares and multiplies and the memory access pattern are
- independent of the particular secret key. This will mitigate
- cache-timing and potential related attacks.
-
- BN_mod_exp_mont_consttime() is the new exponentiation implementation,
- and this is automatically used by BN_mod_exp_mont() if the new flag
- BN_FLG_EXP_CONSTTIME is set for the exponent. RSA, DSA, and DH
- will use this BN flag for private exponents unless the flag
- RSA_FLAG_NO_EXP_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME, or
- DH_FLAG_NO_EXP_CONSTTIME, respectively, is set.
-
- [Matthew D Wood (Intel Corp), with some changes by Bodo Moeller]
-
- *) Change the client implementation for SSLv23_method() and
- SSLv23_client_method() so that is uses the SSL 3.0/TLS 1.0
- Client Hello message format if the SSL_OP_NO_SSLv2 option is set.
- (Previously, the SSL 2.0 backwards compatible Client Hello
- message format would be used even with SSL_OP_NO_SSLv2.)
- [Bodo Moeller]
-
- *) Add support for smime-type MIME parameter in S/MIME messages which some
- clients need.
- [Steve Henson]
-
- *) New function BN_MONT_CTX_set_locked() to set montgomery parameters in
- a threadsafe manner. Modify rsa code to use new function and add calls
- to dsa and dh code (which had race conditions before).
- [Steve Henson]
-
- *) Include the fixed error library code in the C error file definitions
- instead of fixing them up at runtime. This keeps the error code
- structures constant.
- [Steve Henson]
-
- Changes between 0.9.7f and 0.9.7g [11 Apr 2005]
-
- [NB: OpenSSL 0.9.7h and later 0.9.7 patch levels were released after
- OpenSSL 0.9.8.]
-
- *) Fixes for newer kerberos headers. NB: the casts are needed because
- the 'length' field is signed on one version and unsigned on another
- with no (?) obvious way to tell the difference, without these VC++
- complains. Also the "definition" of FAR (blank) is no longer included
- nor is the error ENOMEM. KRB5_PRIVATE has to be set to 1 to pick up
- some needed definitions.
- [Steve Henson]
-
- *) Undo Cygwin change.
- [Ulf Möller]
-
- *) Added support for proxy certificates according to RFC 3820.
- Because they may be a security thread to unaware applications,
- they must be explicitely allowed in run-time. See
- docs/HOWTO/proxy_certificates.txt for further information.
- [Richard Levitte]
-
- Changes between 0.9.7e and 0.9.7f [22 Mar 2005]
-
- *) Use (SSL_RANDOM_VALUE - 4) bytes of pseudo random data when generating
- server and client random values. Previously
- (SSL_RANDOM_VALUE - sizeof(time_t)) would be used which would result in
- less random data when sizeof(time_t) > 4 (some 64 bit platforms).
-
- This change has negligible security impact because:
-
- 1. Server and client random values still have 24 bytes of pseudo random
- data.
-
- 2. Server and client random values are sent in the clear in the initial
- handshake.
-
- 3. The master secret is derived using the premaster secret (48 bytes in
- size for static RSA ciphersuites) as well as client server and random
- values.
-
- The OpenSSL team would like to thank the UK NISCC for bringing this issue
- to our attention.
-
- [Stephen Henson, reported by UK NISCC]
-
- *) Use Windows randomness collection on Cygwin.
- [Ulf Möller]
-
- *) Fix hang in EGD/PRNGD query when communication socket is closed
- prematurely by EGD/PRNGD.
- [Darren Tucker <dtucker@zip.com.au> via Lutz Jänicke, resolves #1014]
-
- *) Prompt for pass phrases when appropriate for PKCS12 input format.
- [Steve Henson]
-
- *) Back-port of selected performance improvements from development
- branch, as well as improved support for PowerPC platforms.
- [Andy Polyakov]
-
- *) Add lots of checks for memory allocation failure, error codes to indicate
- failure and freeing up memory if a failure occurs.
- [Nauticus Networks SSL Team <openssl@nauticusnet.com>, Steve Henson]
-
- *) Add new -passin argument to dgst.
- [Steve Henson]
-
- *) Perform some character comparisons of different types in X509_NAME_cmp:
- this is needed for some certificates that reencode DNs into UTF8Strings
- (in violation of RFC3280) and can't or wont issue name rollover
- certificates.
- [Steve Henson]
-
- *) Make an explicit check during certificate validation to see that
- the CA setting in each certificate on the chain is correct. As a
- side effect always do the following basic checks on extensions,
- not just when there's an associated purpose to the check:
-
- - if there is an unhandled critical extension (unless the user
- has chosen to ignore this fault)
- - if the path length has been exceeded (if one is set at all)
- - that certain extensions fit the associated purpose (if one has
- been given)
- [Richard Levitte]
-
- Changes between 0.9.7d and 0.9.7e [25 Oct 2004]
-
- *) Avoid a race condition when CRLs are checked in a multi threaded
- environment. This would happen due to the reordering of the revoked
- entries during signature checking and serial number lookup. Now the
- encoding is cached and the serial number sort performed under a lock.
- Add new STACK function sk_is_sorted().
- [Steve Henson]
-
- *) Add Delta CRL to the extension code.
- [Steve Henson]
-
- *) Various fixes to s3_pkt.c so alerts are sent properly.
- [David Holmes <d.holmes@f5.com>]
-
- *) Reduce the chances of duplicate issuer name and serial numbers (in
- violation of RFC3280) using the OpenSSL certificate creation utilities.
- This is done by creating a random 64 bit value for the initial serial
- number when a serial number file is created or when a self signed
- certificate is created using 'openssl req -x509'. The initial serial
- number file is created using 'openssl x509 -next_serial' in CA.pl
- rather than being initialized to 1.
- [Steve Henson]
-
- Changes between 0.9.7c and 0.9.7d [17 Mar 2004]
-
- *) Fix null-pointer assignment in do_change_cipher_spec() revealed
- by using the Codenomicon TLS Test Tool (CVE-2004-0079)
- [Joe Orton, Steve Henson]
-
- *) Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites
- (CVE-2004-0112)
- [Joe Orton, Steve Henson]
-
- *) Make it possible to have multiple active certificates with the same
- subject in the CA index file. This is done only if the keyword
- 'unique_subject' is set to 'no' in the main CA section (default
- if 'CA_default') of the configuration file. The value is saved
- with the database itself in a separate index attribute file,
- named like the index file with '.attr' appended to the name.
- [Richard Levitte]
-
- *) X509 verify fixes. Disable broken certificate workarounds when
- X509_V_FLAGS_X509_STRICT is set. Check CRL issuer has cRLSign set if
- keyUsage extension present. Don't accept CRLs with unhandled critical
- extensions: since verify currently doesn't process CRL extensions this
- rejects a CRL with *any* critical extensions. Add new verify error codes
- for these cases.
- [Steve Henson]
-
- *) When creating an OCSP nonce use an OCTET STRING inside the extnValue.
- A clarification of RFC2560 will require the use of OCTET STRINGs and
- some implementations cannot handle the current raw format. Since OpenSSL
- copies and compares OCSP nonces as opaque blobs without any attempt at
- parsing them this should not create any compatibility issues.
- [Steve Henson]
-
- *) New md flag EVP_MD_CTX_FLAG_REUSE this allows md_data to be reused when
- calling EVP_MD_CTX_copy_ex() to avoid calling OPENSSL_malloc(). Without
- this HMAC (and other) operations are several times slower than OpenSSL
- < 0.9.7.
- [Steve Henson]
-
- *) Print out GeneralizedTime and UTCTime in ASN1_STRING_print_ex().
- [Peter Sylvester <Peter.Sylvester@EdelWeb.fr>]
-
- *) Use the correct content when signing type "other".
- [Steve Henson]
-
- Changes between 0.9.7b and 0.9.7c [30 Sep 2003]
-
- *) Fix various bugs revealed by running the NISCC test suite:
-
- Stop out of bounds reads in the ASN1 code when presented with
- invalid tags (CVE-2003-0543 and CVE-2003-0544).
-
- Free up ASN1_TYPE correctly if ANY type is invalid (CVE-2003-0545).
-
- If verify callback ignores invalid public key errors don't try to check
- certificate signature with the NULL public key.
-
- [Steve Henson]
-
- *) New -ignore_err option in ocsp application to stop the server
- exiting on the first error in a request.
- [Steve Henson]
-
- *) In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate
- if the server requested one: as stated in TLS 1.0 and SSL 3.0
- specifications.
- [Steve Henson]
-
- *) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional
- extra data after the compression methods not only for TLS 1.0
- but also for SSL 3.0 (as required by the specification).
- [Bodo Moeller; problem pointed out by Matthias Loepfe]
-
- *) Change X509_certificate_type() to mark the key as exported/exportable
- when it's 512 *bits* long, not 512 bytes.
- [Richard Levitte]
-
- *) Change AES_cbc_encrypt() so it outputs exact multiple of
- blocks during encryption.
- [Richard Levitte]
-
- *) Various fixes to base64 BIO and non blocking I/O. On write
- flushes were not handled properly if the BIO retried. On read
- data was not being buffered properly and had various logic bugs.
- This also affects blocking I/O when the data being decoded is a
- certain size.
- [Steve Henson]
-
- *) Various S/MIME bugfixes and compatibility changes:
- output correct application/pkcs7 MIME type if
- PKCS7_NOOLDMIMETYPE is set. Tolerate some broken signatures.
- Output CR+LF for EOL if PKCS7_CRLFEOL is set (this makes opening
- of files as .eml work). Correctly handle very long lines in MIME
- parser.
- [Steve Henson]
-
- Changes between 0.9.7a and 0.9.7b [10 Apr 2003]
-
- *) Countermeasure against the Klima-Pokorny-Rosa extension of
- Bleichbacher's attack on PKCS #1 v1.5 padding: treat
- a protocol version number mismatch like a decryption error
- in ssl3_get_client_key_exchange (ssl/s3_srvr.c).
- [Bodo Moeller]
-
- *) Turn on RSA blinding by default in the default implementation
- to avoid a timing attack. Applications that don't want it can call
- RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING.
- They would be ill-advised to do so in most cases.
- [Ben Laurie, Steve Henson, Geoff Thorpe, Bodo Moeller]
-
- *) Change RSA blinding code so that it works when the PRNG is not
- seeded (in this case, the secret RSA exponent is abused as
- an unpredictable seed -- if it is not unpredictable, there
- is no point in blinding anyway). Make RSA blinding thread-safe
- by remembering the creator's thread ID in rsa->blinding and
- having all other threads use local one-time blinding factors
- (this requires more computation than sharing rsa->blinding, but
- avoids excessive locking; and if an RSA object is not shared
- between threads, blinding will still be very fast).
- [Bodo Moeller]
-
- *) Fixed a typo bug that would cause ENGINE_set_default() to set an
- ENGINE as defaults for all supported algorithms irrespective of
- the 'flags' parameter. 'flags' is now honoured, so applications
- should make sure they are passing it correctly.
- [Geoff Thorpe]
-
- *) Target "mingw" now allows native Windows code to be generated in
- the Cygwin environment as well as with the MinGW compiler.
- [Ulf Moeller]
-
- Changes between 0.9.7 and 0.9.7a [19 Feb 2003]
-
- *) In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
- via timing by performing a MAC computation even if incorrrect
- block cipher padding has been found. This is a countermeasure
- against active attacks where the attacker has to distinguish
- between bad padding and a MAC verification error. (CVE-2003-0078)
-
- [Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
- Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
- Martin Vuagnoux (EPFL, Ilion)]
-
- *) Make the no-err option work as intended. The intention with no-err
- is not to have the whole error stack handling routines removed from
- libcrypto, it's only intended to remove all the function name and
- reason texts, thereby removing some of the footprint that may not
- be interesting if those errors aren't displayed anyway.
-
- NOTE: it's still possible for any application or module to have it's
- own set of error texts inserted. The routines are there, just not
- used by default when no-err is given.
- [Richard Levitte]
-
- *) Add support for FreeBSD on IA64.
- [dirk.meyer@dinoex.sub.org via Richard Levitte, resolves #454]
-
- *) Adjust DES_cbc_cksum() so it returns the same value as the MIT
- Kerberos function mit_des_cbc_cksum(). Before this change,
- the value returned by DES_cbc_cksum() was like the one from
- mit_des_cbc_cksum(), except the bytes were swapped.
- [Kevin Greaney <Kevin.Greaney@hp.com> and Richard Levitte]
-
- *) Allow an application to disable the automatic SSL chain building.
- Before this a rather primitive chain build was always performed in
- ssl3_output_cert_chain(): an application had no way to send the
- correct chain if the automatic operation produced an incorrect result.
-
- Now the chain builder is disabled if either:
-
- 1. Extra certificates are added via SSL_CTX_add_extra_chain_cert().
-
- 2. The mode flag SSL_MODE_NO_AUTO_CHAIN is set.
-
- The reasoning behind this is that an application would not want the
- auto chain building to take place if extra chain certificates are
- present and it might also want a means of sending no additional
- certificates (for example the chain has two certificates and the
- root is omitted).
- [Steve Henson]
-
- *) Add the possibility to build without the ENGINE framework.
- [Steven Reddie <smr@essemer.com.au> via Richard Levitte]
-
- *) Under Win32 gmtime() can return NULL: check return value in
- OPENSSL_gmtime(). Add error code for case where gmtime() fails.
- [Steve Henson]
-
- *) DSA routines: under certain error conditions uninitialized BN objects
- could be freed. Solution: make sure initialization is performed early
- enough. (Reported and fix supplied by Ivan D Nestlerode <nestler@MIT.EDU>,
- Nils Larsch <nla@trustcenter.de> via PR#459)
- [Lutz Jaenicke]
-
- *) Another fix for SSLv2 session ID handling: the session ID was incorrectly
- checked on reconnect on the client side, therefore session resumption
- could still fail with a "ssl session id is different" error. This
- behaviour is masked when SSL_OP_ALL is used due to
- SSL_OP_MICROSOFT_SESS_ID_BUG being set.
- Behaviour observed by Crispin Flowerday <crispin@flowerday.cx> as
- followup to PR #377.
- [Lutz Jaenicke]
-
- *) IA-32 assembler support enhancements: unified ELF targets, support
- for SCO/Caldera platforms, fix for Cygwin shared build.
- [Andy Polyakov]
-
- *) Add support for FreeBSD on sparc64. As a consequence, support for
- FreeBSD on non-x86 processors is separate from x86 processors on
- the config script, much like the NetBSD support.
- [Richard Levitte & Kris Kennaway <kris@obsecurity.org>]
-
- Changes between 0.9.6h and 0.9.7 [31 Dec 2002]
-
- [NB: OpenSSL 0.9.6i and later 0.9.6 patch levels were released after
- OpenSSL 0.9.7.]
-
- *) Fix session ID handling in SSLv2 client code: the SERVER FINISHED
- code (06) was taken as the first octet of the session ID and the last
- octet was ignored consequently. As a result SSLv2 client side session
- caching could not have worked due to the session ID mismatch between
- client and server.
- Behaviour observed by Crispin Flowerday <crispin@flowerday.cx> as
- PR #377.
- [Lutz Jaenicke]
-
- *) Change the declaration of needed Kerberos libraries to use EX_LIBS
- instead of the special (and badly supported) LIBKRB5. LIBKRB5 is
- removed entirely.
- [Richard Levitte]
-
- *) The hw_ncipher.c engine requires dynamic locks. Unfortunately, it
- seems that in spite of existing for more than a year, many application
- author have done nothing to provide the necessary callbacks, which
- means that this particular engine will not work properly anywhere.
- This is a very unfortunate situation which forces us, in the name
- of usability, to give the hw_ncipher.c a static lock, which is part
- of libcrypto.
- NOTE: This is for the 0.9.7 series ONLY. This hack will never
- appear in 0.9.8 or later. We EXPECT application authors to have
- dealt properly with this when 0.9.8 is released (unless we actually
- make such changes in the libcrypto locking code that changes will
- have to be made anyway).
- [Richard Levitte]
-
- *) In asn1_d2i_read_bio() repeatedly call BIO_read() until all content
- octets have been read, EOF or an error occurs. Without this change
- some truncated ASN1 structures will not produce an error.
- [Steve Henson]
-
- *) Disable Heimdal support, since it hasn't been fully implemented.
- Still give the possibility to force the use of Heimdal, but with
- warnings and a request that patches get sent to openssl-dev.
- [Richard Levitte]
-
- *) Add the VC-CE target, introduce the WINCE sysname, and add
- INSTALL.WCE and appropriate conditionals to make it build.
- [Steven Reddie <smr@essemer.com.au> via Richard Levitte]
-
- *) Change the DLL names for Cygwin to cygcrypto-x.y.z.dll and
- cygssl-x.y.z.dll, where x, y and z are the major, minor and
- edit numbers of the version.
- [Corinna Vinschen <vinschen@redhat.com> and Richard Levitte]
-
- *) Introduce safe string copy and catenation functions
- (BUF_strlcpy() and BUF_strlcat()).
- [Ben Laurie (CHATS) and Richard Levitte]
-
- *) Avoid using fixed-size buffers for one-line DNs.
- [Ben Laurie (CHATS)]
-
- *) Add BUF_MEM_grow_clean() to avoid information leakage when
- resizing buffers containing secrets, and use where appropriate.
- [Ben Laurie (CHATS)]
-
- *) Avoid using fixed size buffers for configuration file location.
- [Ben Laurie (CHATS)]
-
- *) Avoid filename truncation for various CA files.
- [Ben Laurie (CHATS)]
-
- *) Use sizeof in preference to magic numbers.
- [Ben Laurie (CHATS)]
-
- *) Avoid filename truncation in cert requests.
- [Ben Laurie (CHATS)]
-
- *) Add assertions to check for (supposedly impossible) buffer
- overflows.
- [Ben Laurie (CHATS)]
-
- *) Don't cache truncated DNS entries in the local cache (this could
- potentially lead to a spoofing attack).
- [Ben Laurie (CHATS)]
-
- *) Fix various buffers to be large enough for hex/decimal
- representations in a platform independent manner.
- [Ben Laurie (CHATS)]
-
- *) Add CRYPTO_realloc_clean() to avoid information leakage when
- resizing buffers containing secrets, and use where appropriate.
- [Ben Laurie (CHATS)]
-
- *) Add BIO_indent() to avoid much slightly worrying code to do
- indents.
- [Ben Laurie (CHATS)]
-
- *) Convert sprintf()/BIO_puts() to BIO_printf().
- [Ben Laurie (CHATS)]
-
- *) buffer_gets() could terminate with the buffer only half
- full. Fixed.
- [Ben Laurie (CHATS)]
-
- *) Add assertions to prevent user-supplied crypto functions from
- overflowing internal buffers by having large block sizes, etc.
- [Ben Laurie (CHATS)]
-
- *) New OPENSSL_assert() macro (similar to assert(), but enabled
- unconditionally).
- [Ben Laurie (CHATS)]
-
- *) Eliminate unused copy of key in RC4.
- [Ben Laurie (CHATS)]
-
- *) Eliminate unused and incorrectly sized buffers for IV in pem.h.
- [Ben Laurie (CHATS)]
-
- *) Fix off-by-one error in EGD path.
- [Ben Laurie (CHATS)]
-
- *) If RANDFILE path is too long, ignore instead of truncating.
- [Ben Laurie (CHATS)]
-
- *) Eliminate unused and incorrectly sized X.509 structure
- CBCParameter.
- [Ben Laurie (CHATS)]
-
- *) Eliminate unused and dangerous function knumber().
- [Ben Laurie (CHATS)]
-
- *) Eliminate unused and dangerous structure, KSSL_ERR.
- [Ben Laurie (CHATS)]
-
- *) Protect against overlong session ID context length in an encoded
- session object. Since these are local, this does not appear to be
- exploitable.
- [Ben Laurie (CHATS)]
-
- *) Change from security patch (see 0.9.6e below) that did not affect
- the 0.9.6 release series:
-
- Remote buffer overflow in SSL3 protocol - an attacker could
- supply an oversized master key in Kerberos-enabled versions.
- (CVE-2002-0657)
- [Ben Laurie (CHATS)]
-
- *) Change the SSL kerb5 codes to match RFC 2712.
- [Richard Levitte]
-
- *) Make -nameopt work fully for req and add -reqopt switch.
- [Michael Bell <michael.bell@rz.hu-berlin.de>, Steve Henson]
-
- *) The "block size" for block ciphers in CFB and OFB mode should be 1.
- [Steve Henson, reported by Yngve Nysaeter Pettersen <yngve@opera.com>]
-
- *) Make sure tests can be performed even if the corresponding algorithms
- have been removed entirely. This was also the last step to make
- OpenSSL compilable with DJGPP under all reasonable conditions.
- [Richard Levitte, Doug Kaufman <dkaufman@rahul.net>]
-
- *) Add cipher selection rules COMPLEMENTOFALL and COMPLEMENTOFDEFAULT
- to allow version independent disabling of normally unselected ciphers,
- which may be activated as a side-effect of selecting a single cipher.
-
- (E.g., cipher list string "RSA" enables ciphersuites that are left
- out of "ALL" because they do not provide symmetric encryption.
- "RSA:!COMPLEMEMENTOFALL" avoids these unsafe ciphersuites.)
- [Lutz Jaenicke, Bodo Moeller]
-
- *) Add appropriate support for separate platform-dependent build
- directories. The recommended way to make a platform-dependent
- build directory is the following (tested on Linux), maybe with
- some local tweaks:
-
- # Place yourself outside of the OpenSSL source tree. In
- # this example, the environment variable OPENSSL_SOURCE
- # is assumed to contain the absolute OpenSSL source directory.
- mkdir -p objtree/"`uname -s`-`uname -r`-`uname -m`"
- cd objtree/"`uname -s`-`uname -r`-`uname -m`"
- (cd $OPENSSL_SOURCE; find . -type f) | while read F; do
- mkdir -p `dirname $F`
- ln -s $OPENSSL_SOURCE/$F $F
- done
-
- To be absolutely sure not to disturb the source tree, a "make clean"
- is a good thing. If it isn't successfull, don't worry about it,
- it probably means the source directory is very clean.
- [Richard Levitte]
-
- *) Make sure any ENGINE control commands make local copies of string
- pointers passed to them whenever necessary. Otherwise it is possible
- the caller may have overwritten (or deallocated) the original string
- data when a later ENGINE operation tries to use the stored values.
- [Götz Babin-Ebell <babinebell@trustcenter.de>]
-
- *) Improve diagnostics in file reading and command-line digests.
- [Ben Laurie aided and abetted by Solar Designer <solar@openwall.com>]
-
- *) Add AES modes CFB and OFB to the object database. Correct an
- error in AES-CFB decryption.
- [Richard Levitte]
-
- *) Remove most calls to EVP_CIPHER_CTX_cleanup() in evp_enc.c, this
- allows existing EVP_CIPHER_CTX structures to be reused after
- calling EVP_*Final(). This behaviour is used by encryption
- BIOs and some applications. This has the side effect that
- applications must explicitly clean up cipher contexts with
- EVP_CIPHER_CTX_cleanup() or they will leak memory.
- [Steve Henson]
-
- *) Check the values of dna and dnb in bn_mul_recursive before calling
- bn_mul_comba (a non zero value means the a or b arrays do not contain
- n2 elements) and fallback to bn_mul_normal if either is not zero.
- [Steve Henson]
-
- *) Fix escaping of non-ASCII characters when using the -subj option
- of the "openssl req" command line tool. (Robert Joop <joop@fokus.gmd.de>)
- [Lutz Jaenicke]
-
- *) Make object definitions compliant to LDAP (RFC2256): SN is the short
- form for "surname", serialNumber has no short form.
- Use "mail" as the short name for "rfc822Mailbox" according to RFC2798;
- therefore remove "mail" short name for "internet 7".
- The OID for unique identifiers in X509 certificates is
- x500UniqueIdentifier, not uniqueIdentifier.
- Some more OID additions. (Michael Bell <michael.bell@rz.hu-berlin.de>)
- [Lutz Jaenicke]
-
- *) Add an "init" command to the ENGINE config module and auto initialize
- ENGINEs. Without any "init" command the ENGINE will be initialized
- after all ctrl commands have been executed on it. If init=1 the
- ENGINE is initailized at that point (ctrls before that point are run
- on the uninitialized ENGINE and after on the initialized one). If
- init=0 then the ENGINE will not be iniatialized at all.
- [Steve Henson]
-
- *) Fix the 'app_verify_callback' interface so that the user-defined
- argument is actually passed to the callback: In the
- SSL_CTX_set_cert_verify_callback() prototype, the callback
- declaration has been changed from
- int (*cb)()
- into
- int (*cb)(X509_STORE_CTX *,void *);
- in ssl_verify_cert_chain (ssl/ssl_cert.c), the call
- i=s->ctx->app_verify_callback(&ctx)
- has been changed into
- i=s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg).
-
- To update applications using SSL_CTX_set_cert_verify_callback(),
- a dummy argument can be added to their callback functions.
- [D. K. Smetters <smetters@parc.xerox.com>]
-
- *) Added the '4758cca' ENGINE to support IBM 4758 cards.
- [Maurice Gittens <maurice@gittens.nl>, touchups by Geoff Thorpe]
-
- *) Add and OPENSSL_LOAD_CONF define which will cause
- OpenSSL_add_all_algorithms() to load the openssl.cnf config file.
- This allows older applications to transparently support certain
- OpenSSL features: such as crypto acceleration and dynamic ENGINE loading.
- Two new functions OPENSSL_add_all_algorithms_noconf() which will never
- load the config file and OPENSSL_add_all_algorithms_conf() which will
- always load it have also been added.
- [Steve Henson]
-
- *) Add the OFB, CFB and CTR (all with 128 bit feedback) to AES.
- Adjust NIDs and EVP layer.
- [Stephen Sprunk <stephen@sprunk.org> and Richard Levitte]
-
- *) Config modules support in openssl utility.
-
- Most commands now load modules from the config file,
- though in a few (such as version) this isn't done
- because it couldn't be used for anything.
-
- In the case of ca and req the config file used is
- the same as the utility itself: that is the -config
- command line option can be used to specify an
- alternative file.
- [Steve Henson]
-
- *) Move default behaviour from OPENSSL_config(). If appname is NULL
- use "openssl_conf" if filename is NULL use default openssl config file.
- [Steve Henson]
-
- *) Add an argument to OPENSSL_config() to allow the use of an alternative
- config section name. Add a new flag to tolerate a missing config file
- and move code to CONF_modules_load_file().
- [Steve Henson]
-
- *) Support for crypto accelerator cards from Accelerated Encryption
- Processing, www.aep.ie. (Use engine 'aep')
- The support was copied from 0.9.6c [engine] and adapted/corrected
- to work with the new engine framework.
- [AEP Inc. and Richard Levitte]
-
- *) Support for SureWare crypto accelerator cards from Baltimore
- Technologies. (Use engine 'sureware')
- The support was copied from 0.9.6c [engine] and adapted
- to work with the new engine framework.
- [Richard Levitte]
-
- *) Have the CHIL engine fork-safe (as defined by nCipher) and actually
- make the newer ENGINE framework commands for the CHIL engine work.
- [Toomas Kiisk <vix@cyber.ee> and Richard Levitte]
-
- *) Make it possible to produce shared libraries on ReliantUNIX.
- [Robert Dahlem <Robert.Dahlem@ffm2.siemens.de> via Richard Levitte]
-
- *) Add the configuration target debug-linux-ppro.
- Make 'openssl rsa' use the general key loading routines
- implemented in apps.c, and make those routines able to
- handle the key format FORMAT_NETSCAPE and the variant
- FORMAT_IISSGC.
- [Toomas Kiisk <vix@cyber.ee> via Richard Levitte]
-
- *) Fix a crashbug and a logic bug in hwcrhk_load_pubkey().
- [Toomas Kiisk <vix@cyber.ee> via Richard Levitte]
-
- *) Add -keyform to rsautl, and document -engine.
- [Richard Levitte, inspired by Toomas Kiisk <vix@cyber.ee>]
-
- *) Change BIO_new_file (crypto/bio/bss_file.c) to use new
- BIO_R_NO_SUCH_FILE error code rather than the generic
- ERR_R_SYS_LIB error code if fopen() fails with ENOENT.
- [Ben Laurie]
-
- *) Add new functions
- ERR_peek_last_error
- ERR_peek_last_error_line
- ERR_peek_last_error_line_data.
- These are similar to
- ERR_peek_error
- ERR_peek_error_line
- ERR_peek_error_line_data,
- but report on the latest error recorded rather than the first one
- still in the error queue.
- [Ben Laurie, Bodo Moeller]
-
- *) default_algorithms option in ENGINE config module. This allows things
- like:
- default_algorithms = ALL
- default_algorithms = RSA, DSA, RAND, CIPHERS, DIGESTS
- [Steve Henson]
-
- *) Prelminary ENGINE config module.
- [Steve Henson]
-
- *) New experimental application configuration code.
- [Steve Henson]
-
- *) Change the AES code to follow the same name structure as all other
- symmetric ciphers, and behave the same way. Move everything to
- the directory crypto/aes, thereby obsoleting crypto/rijndael.
- [Stephen Sprunk <stephen@sprunk.org> and Richard Levitte]
-
- *) SECURITY: remove unsafe setjmp/signal interaction from ui_openssl.c.
- [Ben Laurie and Theo de Raadt]
-
- *) Add option to output public keys in req command.
- [Massimiliano Pala madwolf@openca.org]
-
- *) Use wNAFs in EC_POINTs_mul() for improved efficiency
- (up to about 10% better than before for P-192 and P-224).
- [Bodo Moeller]
-
- *) New functions/macros
-
- SSL_CTX_set_msg_callback(ctx, cb)
- SSL_CTX_set_msg_callback_arg(ctx, arg)
- SSL_set_msg_callback(ssl, cb)
- SSL_set_msg_callback_arg(ssl, arg)
-
- to request calling a callback function
-
- void cb(int write_p, int version, int content_type,
- const void *buf, size_t len, SSL *ssl, void *arg)
-
- whenever a protocol message has been completely received
- (write_p == 0) or sent (write_p == 1). Here 'version' is the
- protocol version according to which the SSL library interprets
- the current protocol message (SSL2_VERSION, SSL3_VERSION, or
- TLS1_VERSION). 'content_type' is 0 in the case of SSL 2.0, or
- the content type as defined in the SSL 3.0/TLS 1.0 protocol
- specification (change_cipher_spec(20), alert(21), handshake(22)).
- 'buf' and 'len' point to the actual message, 'ssl' to the
- SSL object, and 'arg' is the application-defined value set by
- SSL[_CTX]_set_msg_callback_arg().
-
- 'openssl s_client' and 'openssl s_server' have new '-msg' options
- to enable a callback that displays all protocol messages.
- [Bodo Moeller]
-
- *) Change the shared library support so shared libraries are built as
- soon as the corresponding static library is finished, and thereby get
- openssl and the test programs linked against the shared library.
- This still only happens when the keyword "shard" has been given to
- the configuration scripts.
-
- NOTE: shared library support is still an experimental thing, and
- backward binary compatibility is still not guaranteed.
- ["Maciej W. Rozycki" <macro@ds2.pg.gda.pl> and Richard Levitte]
-
- *) Add support for Subject Information Access extension.
- [Peter Sylvester <Peter.Sylvester@EdelWeb.fr>]
-
- *) Make BUF_MEM_grow() behaviour more consistent: Initialise to zero
- additional bytes when new memory had to be allocated, not just
- when reusing an existing buffer.
- [Bodo Moeller]
-
- *) New command line and configuration option 'utf8' for the req command.
- This allows field values to be specified as UTF8 strings.
- [Steve Henson]
-
- *) Add -multi and -mr options to "openssl speed" - giving multiple parallel
- runs for the former and machine-readable output for the latter.
- [Ben Laurie]
-
- *) Add '-noemailDN' option to 'openssl ca'. This prevents inclusion
- of the e-mail address in the DN (i.e., it will go into a certificate
- extension only). The new configuration file option 'email_in_dn = no'
- has the same effect.
- [Massimiliano Pala madwolf@openca.org]
-
- *) Change all functions with names starting with des_ to be starting
- with DES_ instead. Add wrappers that are compatible with libdes,
- but are named _ossl_old_des_*. Finally, add macros that map the
- des_* symbols to the corresponding _ossl_old_des_* if libdes
- compatibility is desired. If OpenSSL 0.9.6c compatibility is
- desired, the des_* symbols will be mapped to DES_*, with one
- exception.
-
- Since we provide two compatibility mappings, the user needs to
- define the macro OPENSSL_DES_LIBDES_COMPATIBILITY if libdes
- compatibility is desired. The default (i.e., when that macro
- isn't defined) is OpenSSL 0.9.6c compatibility.
-
- There are also macros that enable and disable the support of old
- des functions altogether. Those are OPENSSL_ENABLE_OLD_DES_SUPPORT
- and OPENSSL_DISABLE_OLD_DES_SUPPORT. If none or both of those
- are defined, the default will apply: to support the old des routines.
-
- In either case, one must include openssl/des.h to get the correct
- definitions. Do not try to just include openssl/des_old.h, that
- won't work.
-
- NOTE: This is a major break of an old API into a new one. Software
- authors are encouraged to switch to the DES_ style functions. Some
- time in the future, des_old.h and the libdes compatibility functions
- will be disable (i.e. OPENSSL_DISABLE_OLD_DES_SUPPORT will be the
- default), and then completely removed.
- [Richard Levitte]
-
- *) Test for certificates which contain unsupported critical extensions.
- If such a certificate is found during a verify operation it is
- rejected by default: this behaviour can be overridden by either
- handling the new error X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION or
- by setting the verify flag X509_V_FLAG_IGNORE_CRITICAL. A new function
- X509_supported_extension() has also been added which returns 1 if a
- particular extension is supported.
- [Steve Henson]
-
- *) Modify the behaviour of EVP cipher functions in similar way to digests
- to retain compatibility with existing code.
- [Steve Henson]
-
- *) Modify the behaviour of EVP_DigestInit() and EVP_DigestFinal() to retain
- compatibility with existing code. In particular the 'ctx' parameter does
- not have to be to be initialized before the call to EVP_DigestInit() and
- it is tidied up after a call to EVP_DigestFinal(). New function
- EVP_DigestFinal_ex() which does not tidy up the ctx. Similarly function
- EVP_MD_CTX_copy() changed to not require the destination to be
- initialized valid and new function EVP_MD_CTX_copy_ex() added which
- requires the destination to be valid.
-
- Modify all the OpenSSL digest calls to use EVP_DigestInit_ex(),
- EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex().
- [Steve Henson]
-
- *) Change ssl3_get_message (ssl/s3_both.c) and the functions using it
- so that complete 'Handshake' protocol structures are kept in memory
- instead of overwriting 'msg_type' and 'length' with 'body' data.
- [Bodo Moeller]
-
- *) Add an implementation of SSL_add_dir_cert_subjects_to_stack for Win32.
- [Massimo Santin via Richard Levitte]
-
- *) Major restructuring to the underlying ENGINE code. This includes
- reduction of linker bloat, separation of pure "ENGINE" manipulation
- (initialisation, etc) from functionality dealing with implementations
- of specific crypto iterfaces. This change also introduces integrated
- support for symmetric ciphers and digest implementations - so ENGINEs
- can now accelerate these by providing EVP_CIPHER and EVP_MD
- implementations of their own. This is detailed in crypto/engine/README
- as it couldn't be adequately described here. However, there are a few
- API changes worth noting - some RSA, DSA, DH, and RAND functions that
- were changed in the original introduction of ENGINE code have now
- reverted back - the hooking from this code to ENGINE is now a good
- deal more passive and at run-time, operations deal directly with
- RSA_METHODs, DSA_METHODs (etc) as they did before, rather than
- dereferencing through an ENGINE pointer any more. Also, the ENGINE
- functions dealing with BN_MOD_EXP[_CRT] handlers have been removed -
- they were not being used by the framework as there is no concept of a
- BIGNUM_METHOD and they could not be generalised to the new
- 'ENGINE_TABLE' mechanism that underlies the new code. Similarly,
- ENGINE_cpy() has been removed as it cannot be consistently defined in
- the new code.
- [Geoff Thorpe]
-
- *) Change ASN1_GENERALIZEDTIME_check() to allow fractional seconds.
- [Steve Henson]
-
- *) Change mkdef.pl to sort symbols that get the same entry number,
- and make sure the automatically generated functions ERR_load_*
- become part of libeay.num as well.
- [Richard Levitte]
-
- *) New function SSL_renegotiate_pending(). This returns true once
- renegotiation has been requested (either SSL_renegotiate() call
- or HelloRequest/ClientHello receveived from the peer) and becomes
- false once a handshake has been completed.
- (For servers, SSL_renegotiate() followed by SSL_do_handshake()
- sends a HelloRequest, but does not ensure that a handshake takes
- place. SSL_renegotiate_pending() is useful for checking if the
- client has followed the request.)
- [Bodo Moeller]
-
- *) New SSL option SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION.
- By default, clients may request session resumption even during
- renegotiation (if session ID contexts permit); with this option,
- session resumption is possible only in the first handshake.
-
- SSL_OP_ALL is now 0x00000FFFL instead of 0x000FFFFFL. This makes
- more bits available for options that should not be part of
- SSL_OP_ALL (such as SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION).
- [Bodo Moeller]
-
- *) Add some demos for certificate and certificate request creation.
- [Steve Henson]
-
- *) Make maximum certificate chain size accepted from the peer application
- settable (SSL*_get/set_max_cert_list()), as proposed by
- "Douglas E. Engert" <deengert@anl.gov>.
- [Lutz Jaenicke]
-
- *) Add support for shared libraries for Unixware-7
- (Boyd Lynn Gerber <gerberb@zenez.com>).
- [Lutz Jaenicke]
-
- *) Add a "destroy" handler to ENGINEs that allows structural cleanup to
- be done prior to destruction. Use this to unload error strings from
- ENGINEs that load their own error strings. NB: This adds two new API
- functions to "get" and "set" this destroy handler in an ENGINE.
- [Geoff Thorpe]
-
- *) Alter all existing ENGINE implementations (except "openssl" and
- "openbsd") to dynamically instantiate their own error strings. This
- makes them more flexible to be built both as statically-linked ENGINEs
- and self-contained shared-libraries loadable via the "dynamic" ENGINE.
- Also, add stub code to each that makes building them as self-contained
- shared-libraries easier (see README.ENGINE).
- [Geoff Thorpe]
-
- *) Add a "dynamic" ENGINE that provides a mechanism for binding ENGINE
- implementations into applications that are completely implemented in
- self-contained shared-libraries. The "dynamic" ENGINE exposes control
- commands that can be used to configure what shared-library to load and
- to control aspects of the way it is handled. Also, made an update to
- the README.ENGINE file that brings its information up-to-date and
- provides some information and instructions on the "dynamic" ENGINE
- (ie. how to use it, how to build "dynamic"-loadable ENGINEs, etc).
- [Geoff Thorpe]
-
- *) Make it possible to unload ranges of ERR strings with a new
- "ERR_unload_strings" function.
- [Geoff Thorpe]
-
- *) Add a copy() function to EVP_MD.
- [Ben Laurie]
-
- *) Make EVP_MD routines take a context pointer instead of just the
- md_data void pointer.
- [Ben Laurie]
-
- *) Add flags to EVP_MD and EVP_MD_CTX. EVP_MD_FLAG_ONESHOT indicates
- that the digest can only process a single chunk of data
- (typically because it is provided by a piece of
- hardware). EVP_MD_CTX_FLAG_ONESHOT indicates that the application
- is only going to provide a single chunk of data, and hence the
- framework needn't accumulate the data for oneshot drivers.
- [Ben Laurie]
-
- *) As with "ERR", make it possible to replace the underlying "ex_data"
- functions. This change also alters the storage and management of global
- ex_data state - it's now all inside ex_data.c and all "class" code (eg.
- RSA, BIO, SSL_CTX, etc) no longer stores its own STACKS and per-class
- index counters. The API functions that use this state have been changed
- to take a "class_index" rather than pointers to the class's local STACK
- and counter, and there is now an API function to dynamically create new
- classes. This centralisation allows us to (a) plug a lot of the
- thread-safety problems that existed, and (b) makes it possible to clean
- up all allocated state using "CRYPTO_cleanup_all_ex_data()". W.r.t. (b)
- such data would previously have always leaked in application code and
- workarounds were in place to make the memory debugging turn a blind eye
- to it. Application code that doesn't use this new function will still
- leak as before, but their memory debugging output will announce it now
- rather than letting it slide.
-
- Besides the addition of CRYPTO_cleanup_all_ex_data(), another API change
- induced by the "ex_data" overhaul is that X509_STORE_CTX_init() now
- has a return value to indicate success or failure.
- [Geoff Thorpe]
-
- *) Make it possible to replace the underlying "ERR" functions such that the
- global state (2 LHASH tables and 2 locks) is only used by the "default"
- implementation. This change also adds two functions to "get" and "set"
- the implementation prior to it being automatically set the first time
- any other ERR function takes place. Ie. an application can call "get",
- pass the return value to a module it has just loaded, and that module
- can call its own "set" function using that value. This means the
- module's "ERR" operations will use (and modify) the error state in the
- application and not in its own statically linked copy of OpenSSL code.
- [Geoff Thorpe]
-
- *) Give DH, DSA, and RSA types their own "**_up_ref()" function to increment
- reference counts. This performs normal REF_PRINT/REF_CHECK macros on
- the operation, and provides a more encapsulated way for external code
- (crypto/evp/ and ssl/) to do this. Also changed the evp and ssl code
- to use these functions rather than manually incrementing the counts.
-
- Also rename "DSO_up()" function to more descriptive "DSO_up_ref()".
- [Geoff Thorpe]
-
- *) Add EVP test program.
- [Ben Laurie]
-
- *) Add symmetric cipher support to ENGINE. Expect the API to change!
- [Ben Laurie]
-
- *) New CRL functions: X509_CRL_set_version(), X509_CRL_set_issuer_name()
- X509_CRL_set_lastUpdate(), X509_CRL_set_nextUpdate(), X509_CRL_sort(),
- X509_REVOKED_set_serialNumber(), and X509_REVOKED_set_revocationDate().
- These allow a CRL to be built without having to access X509_CRL fields
- directly. Modify 'ca' application to use new functions.
- [Steve Henson]
-
- *) Move SSL_OP_TLS_ROLLBACK_BUG out of the SSL_OP_ALL list of recommended
- bug workarounds. Rollback attack detection is a security feature.
- The problem will only arise on OpenSSL servers when TLSv1 is not
- available (sslv3_server_method() or SSL_OP_NO_TLSv1).
- Software authors not wanting to support TLSv1 will have special reasons
- for their choice and can explicitly enable this option.
- [Bodo Moeller, Lutz Jaenicke]
-
- *) Rationalise EVP so it can be extended: don't include a union of
- cipher/digest structures, add init/cleanup functions for EVP_MD_CTX
- (similar to those existing for EVP_CIPHER_CTX).
- Usage example:
-
- EVP_MD_CTX md;
-
- EVP_MD_CTX_init(&md); /* new function call */
- EVP_DigestInit(&md, EVP_sha1());
- EVP_DigestUpdate(&md, in, len);
- EVP_DigestFinal(&md, out, NULL);
- EVP_MD_CTX_cleanup(&md); /* new function call */
-
- [Ben Laurie]
-
- *) Make DES key schedule conform to the usual scheme, as well as
- correcting its structure. This means that calls to DES functions
- now have to pass a pointer to a des_key_schedule instead of a
- plain des_key_schedule (which was actually always a pointer
- anyway): E.g.,
-
- des_key_schedule ks;
-
- des_set_key_checked(..., &ks);
- des_ncbc_encrypt(..., &ks, ...);
-
- (Note that a later change renames 'des_...' into 'DES_...'.)
- [Ben Laurie]
-
- *) Initial reduction of linker bloat: the use of some functions, such as
- PEM causes large amounts of unused functions to be linked in due to
- poor organisation. For example pem_all.c contains every PEM function
- which has a knock on effect of linking in large amounts of (unused)
- ASN1 code. Grouping together similar functions and splitting unrelated
- functions prevents this.
- [Steve Henson]
-
- *) Cleanup of EVP macros.
- [Ben Laurie]
-
- *) Change historical references to {NID,SN,LN}_des_ede and ede3 to add the
- correct _ecb suffix.
- [Ben Laurie]
-
- *) Add initial OCSP responder support to ocsp application. The
- revocation information is handled using the text based index
- use by the ca application. The responder can either handle
- requests generated internally, supplied in files (for example
- via a CGI script) or using an internal minimal server.
- [Steve Henson]
-
- *) Add configuration choices to get zlib compression for TLS.
- [Richard Levitte]
-
- *) Changes to Kerberos SSL for RFC 2712 compliance:
- 1. Implemented real KerberosWrapper, instead of just using
- KRB5 AP_REQ message. [Thanks to Simon Wilkinson <sxw@sxw.org.uk>]
- 2. Implemented optional authenticator field of KerberosWrapper.
-
- Added openssl-style ASN.1 macros for Kerberos ticket, ap_req,
- and authenticator structs; see crypto/krb5/.
-
- Generalized Kerberos calls to support multiple Kerberos libraries.
- [Vern Staats <staatsvr@asc.hpc.mil>,
- Jeffrey Altman <jaltman@columbia.edu>
- via Richard Levitte]
-
- *) Cause 'openssl speed' to use fully hard-coded DSA keys as it
- already does with RSA. testdsa.h now has 'priv_key/pub_key'
- values for each of the key sizes rather than having just
- parameters (and 'speed' generating keys each time).
- [Geoff Thorpe]
-
- *) Speed up EVP routines.
- Before:
-encrypt
-type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
-des-cbc 4408.85k 5560.51k 5778.46k 5862.20k 5825.16k
-des-cbc 4389.55k 5571.17k 5792.23k 5846.91k 5832.11k
-des-cbc 4394.32k 5575.92k 5807.44k 5848.37k 5841.30k
-decrypt
-des-cbc 3482.66k 5069.49k 5496.39k 5614.16k 5639.28k
-des-cbc 3480.74k 5068.76k 5510.34k 5609.87k 5635.52k
-des-cbc 3483.72k 5067.62k 5504.60k 5708.01k 5724.80k
- After:
-encrypt
-des-cbc 4660.16k 5650.19k 5807.19k 5827.13k 5783.32k
-decrypt
-des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
- [Ben Laurie]
-
- *) Added the OS2-EMX target.
- ["Brian Havard" <brianh@kheldar.apana.org.au> and Richard Levitte]
-
- *) Rewrite apps to use NCONF routines instead of the old CONF. New functions
- to support NCONF routines in extension code. New function CONF_set_nconf()
- to allow functions which take an NCONF to also handle the old LHASH
- structure: this means that the old CONF compatible routines can be
- retained (in particular wrt extensions) without having to duplicate the
- code. New function X509V3_add_ext_nconf_sk to add extensions to a stack.
- [Steve Henson]
-
- *) Enhance the general user interface with mechanisms for inner control
- and with possibilities to have yes/no kind of prompts.
- [Richard Levitte]
-
- *) Change all calls to low level digest routines in the library and
- applications to use EVP. Add missing calls to HMAC_cleanup() and
- don't assume HMAC_CTX can be copied using memcpy().
- [Verdon Walker <VWalker@novell.com>, Steve Henson]
-
- *) Add the possibility to control engines through control names but with
- arbitrary arguments instead of just a string.
- Change the key loaders to take a UI_METHOD instead of a callback
- function pointer. NOTE: this breaks binary compatibility with earlier
- versions of OpenSSL [engine].
- Adapt the nCipher code for these new conditions and add a card insertion
- callback.
- [Richard Levitte]
-
- *) Enhance the general user interface with mechanisms to better support
- dialog box interfaces, application-defined prompts, the possibility
- to use defaults (for example default passwords from somewhere else)
- and interrupts/cancellations.
- [Richard Levitte]
-
- *) Tidy up PKCS#12 attribute handling. Add support for the CSP name
- attribute in PKCS#12 files, add new -CSP option to pkcs12 utility.
- [Steve Henson]
-
- *) Fix a memory leak in 'sk_dup()' in the case reallocation fails. (Also
- tidy up some unnecessarily weird code in 'sk_new()').
- [Geoff, reported by Diego Tartara <dtartara@novamens.com>]
-
- *) Change the key loading routines for ENGINEs to use the same kind
- callback (pem_password_cb) as all other routines that need this
- kind of callback.
- [Richard Levitte]
-
- *) Increase ENTROPY_NEEDED to 32 bytes, as Rijndael can operate with
- 256 bit (=32 byte) keys. Of course seeding with more entropy bytes
- than this minimum value is recommended.
- [Lutz Jaenicke]
-
- *) New random seeder for OpenVMS, using the system process statistics
- that are easily reachable.
- [Richard Levitte]
-
- *) Windows apparently can't transparently handle global
- variables defined in DLLs. Initialisations such as:
-
- const ASN1_ITEM *it = &ASN1_INTEGER_it;
-
- wont compile. This is used by the any applications that need to
- declare their own ASN1 modules. This was fixed by adding the option
- EXPORT_VAR_AS_FN to all Win32 platforms, although this isn't strictly
- needed for static libraries under Win32.
- [Steve Henson]
-
- *) New functions X509_PURPOSE_set() and X509_TRUST_set() to handle
- setting of purpose and trust fields. New X509_STORE trust and
- purpose functions and tidy up setting in other SSL functions.
- [Steve Henson]
-
- *) Add copies of X509_STORE_CTX fields and callbacks to X509_STORE
- structure. These are inherited by X509_STORE_CTX when it is
- initialised. This allows various defaults to be set in the
- X509_STORE structure (such as flags for CRL checking and custom
- purpose or trust settings) for functions which only use X509_STORE_CTX
- internally such as S/MIME.
-
- Modify X509_STORE_CTX_purpose_inherit() so it only sets purposes and
- trust settings if they are not set in X509_STORE. This allows X509_STORE
- purposes and trust (in S/MIME for example) to override any set by default.
-
- Add command line options for CRL checking to smime, s_client and s_server
- applications.
- [Steve Henson]
-
- *) Initial CRL based revocation checking. If the CRL checking flag(s)
- are set then the CRL is looked up in the X509_STORE structure and
- its validity and signature checked, then if the certificate is found
- in the CRL the verify fails with a revoked error.
-
- Various new CRL related callbacks added to X509_STORE_CTX structure.
-
- Command line options added to 'verify' application to support this.
-
- This needs some additional work, such as being able to handle multiple
- CRLs with different times, extension based lookup (rather than just
- by subject name) and ultimately more complete V2 CRL extension
- handling.
- [Steve Henson]
-
- *) Add a general user interface API (crypto/ui/). This is designed
- to replace things like des_read_password and friends (backward
- compatibility functions using this new API are provided).
- The purpose is to remove prompting functions from the DES code
- section as well as provide for prompting through dialog boxes in
- a window system and the like.
- [Richard Levitte]
-
- *) Add "ex_data" support to ENGINE so implementations can add state at a
- per-structure level rather than having to store it globally.
- [Geoff]
-
- *) Make it possible for ENGINE structures to be copied when retrieved by
- ENGINE_by_id() if the ENGINE specifies a new flag: ENGINE_FLAGS_BY_ID_COPY.
- This causes the "original" ENGINE structure to act like a template,
- analogous to the RSA vs. RSA_METHOD type of separation. Because of this
- operational state can be localised to each ENGINE structure, despite the
- fact they all share the same "methods". New ENGINE structures returned in
- this case have no functional references and the return value is the single
- structural reference. This matches the single structural reference returned
- by ENGINE_by_id() normally, when it is incremented on the pre-existing
- ENGINE structure.
- [Geoff]
-
- *) Fix ASN1 decoder when decoding type ANY and V_ASN1_OTHER: since this
- needs to match any other type at all we need to manually clear the
- tag cache.
- [Steve Henson]
-
- *) Changes to the "openssl engine" utility to include;
- - verbosity levels ('-v', '-vv', and '-vvv') that provide information
- about an ENGINE's available control commands.
- - executing control commands from command line arguments using the
- '-pre' and '-post' switches. '-post' is only used if '-t' is
- specified and the ENGINE is successfully initialised. The syntax for
- the individual commands are colon-separated, for example;
- openssl engine chil -pre FORK_CHECK:0 -pre SO_PATH:/lib/test.so
- [Geoff]
-
- *) New dynamic control command support for ENGINEs. ENGINEs can now
- declare their own commands (numbers), names (strings), descriptions,
- and input types for run-time discovery by calling applications. A
- subset of these commands are implicitly classed as "executable"
- depending on their input type, and only these can be invoked through
- the new string-based API function ENGINE_ctrl_cmd_string(). (Eg. this
- can be based on user input, config files, etc). The distinction is
- that "executable" commands cannot return anything other than a boolean
- result and can only support numeric or string input, whereas some
- discoverable commands may only be for direct use through
- ENGINE_ctrl(), eg. supporting the exchange of binary data, function
- pointers, or other custom uses. The "executable" commands are to
- support parameterisations of ENGINE behaviour that can be
- unambiguously defined by ENGINEs and used consistently across any
- OpenSSL-based application. Commands have been added to all the
- existing hardware-supporting ENGINEs, noticeably "SO_PATH" to allow
- control over shared-library paths without source code alterations.
- [Geoff]
-
- *) Changed all ENGINE implementations to dynamically allocate their
- ENGINEs rather than declaring them statically. Apart from this being
- necessary with the removal of the ENGINE_FLAGS_MALLOCED distinction,
- this also allows the implementations to compile without using the
- internal engine_int.h header.
- [Geoff]
-
- *) Minor adjustment to "rand" code. RAND_get_rand_method() now returns a
- 'const' value. Any code that should be able to modify a RAND_METHOD
- should already have non-const pointers to it (ie. they should only
- modify their own ones).
- [Geoff]
-
- *) Made a variety of little tweaks to the ENGINE code.
- - "atalla" and "ubsec" string definitions were moved from header files
- to C code. "nuron" string definitions were placed in variables
- rather than hard-coded - allowing parameterisation of these values
- later on via ctrl() commands.
- - Removed unused "#if 0"'d code.
- - Fixed engine list iteration code so it uses ENGINE_free() to release
- structural references.
- - Constified the RAND_METHOD element of ENGINE structures.
- - Constified various get/set functions as appropriate and added
- missing functions (including a catch-all ENGINE_cpy that duplicates
- all ENGINE values onto a new ENGINE except reference counts/state).
- - Removed NULL parameter checks in get/set functions. Setting a method
- or function to NULL is a way of cancelling out a previously set
- value. Passing a NULL ENGINE parameter is just plain stupid anyway
- and doesn't justify the extra error symbols and code.
- - Deprecate the ENGINE_FLAGS_MALLOCED define and move the area for
- flags from engine_int.h to engine.h.
- - Changed prototypes for ENGINE handler functions (init(), finish(),
- ctrl(), key-load functions, etc) to take an (ENGINE*) parameter.
- [Geoff]
-
- *) Implement binary inversion algorithm for BN_mod_inverse in addition
- to the algorithm using long division. The binary algorithm can be
- used only if the modulus is odd. On 32-bit systems, it is faster
- only for relatively small moduli (roughly 20-30% for 128-bit moduli,
- roughly 5-15% for 256-bit moduli), so we use it only for moduli
- up to 450 bits. In 64-bit environments, the binary algorithm
- appears to be advantageous for much longer moduli; here we use it
- for moduli up to 2048 bits.
- [Bodo Moeller]
-
- *) Rewrite CHOICE field setting in ASN1_item_ex_d2i(). The old code
- could not support the combine flag in choice fields.
- [Steve Henson]
-
- *) Add a 'copy_extensions' option to the 'ca' utility. This copies
- extensions from a certificate request to the certificate.
- [Steve Henson]
-
- *) Allow multiple 'certopt' and 'nameopt' options to be separated
- by commas. Add 'namopt' and 'certopt' options to the 'ca' config
- file: this allows the display of the certificate about to be
- signed to be customised, to allow certain fields to be included
- or excluded and extension details. The old system didn't display
- multicharacter strings properly, omitted fields not in the policy
- and couldn't display additional details such as extensions.
- [Steve Henson]
-
- *) Function EC_POINTs_mul for multiple scalar multiplication
- of an arbitrary number of elliptic curve points
- \sum scalars[i]*points[i],
- optionally including the generator defined for the EC_GROUP:
- scalar*generator + \sum scalars[i]*points[i].
-
- EC_POINT_mul is a simple wrapper function for the typical case
- that the point list has just one item (besides the optional
- generator).
- [Bodo Moeller]
-
- *) First EC_METHODs for curves over GF(p):
-
- EC_GFp_simple_method() uses the basic BN_mod_mul and BN_mod_sqr
- operations and provides various method functions that can also
- operate with faster implementations of modular arithmetic.
-
- EC_GFp_mont_method() reuses most functions that are part of
- EC_GFp_simple_method, but uses Montgomery arithmetic.
-
- [Bodo Moeller; point addition and point doubling
- implementation directly derived from source code provided by
- Lenka Fibikova <fibikova@exp-math.uni-essen.de>]
-
- *) Framework for elliptic curves (crypto/ec/ec.h, crypto/ec/ec_lcl.h,
- crypto/ec/ec_lib.c):
-
- Curves are EC_GROUP objects (with an optional group generator)
- based on EC_METHODs that are built into the library.
-
- Points are EC_POINT objects based on EC_GROUP objects.
-
- Most of the framework would be able to handle curves over arbitrary
- finite fields, but as there are no obvious types for fields other
- than GF(p), some functions are limited to that for now.
- [Bodo Moeller]
-
- *) Add the -HTTP option to s_server. It is similar to -WWW, but requires
- that the file contains a complete HTTP response.
- [Richard Levitte]
-
- *) Add the ec directory to mkdef.pl and mkfiles.pl. In mkdef.pl
- change the def and num file printf format specifier from "%-40sXXX"
- to "%-39s XXX". The latter will always guarantee a space after the
- field while the former will cause them to run together if the field
- is 40 of more characters long.
- [Steve Henson]
-
- *) Constify the cipher and digest 'method' functions and structures
- and modify related functions to take constant EVP_MD and EVP_CIPHER
- pointers.
- [Steve Henson]
-
- *) Hide BN_CTX structure details in bn_lcl.h instead of publishing them
- in <openssl/bn.h>. Also further increase BN_CTX_NUM to 32.
- [Bodo Moeller]
-
- *) Modify EVP_Digest*() routines so they now return values. Although the
- internal software routines can never fail additional hardware versions
- might.
- [Steve Henson]
-
- *) Clean up crypto/err/err.h and change some error codes to avoid conflicts:
-
- Previously ERR_R_FATAL was too small and coincided with ERR_LIB_PKCS7
- (= ERR_R_PKCS7_LIB); it is now 64 instead of 32.
-
- ASN1 error codes
- ERR_R_NESTED_ASN1_ERROR
- ...
- ERR_R_MISSING_ASN1_EOS
- were 4 .. 9, conflicting with
- ERR_LIB_RSA (= ERR_R_RSA_LIB)
- ...
- ERR_LIB_PEM (= ERR_R_PEM_LIB).
- They are now 58 .. 63 (i.e., just below ERR_R_FATAL).
-
- Add new error code 'ERR_R_INTERNAL_ERROR'.
- [Bodo Moeller]
-
- *) Don't overuse locks in crypto/err/err.c: For data retrieval, CRYPTO_r_lock
- suffices.
- [Bodo Moeller]
-
- *) New option '-subj arg' for 'openssl req' and 'openssl ca'. This
- sets the subject name for a new request or supersedes the
- subject name in a given request. Formats that can be parsed are
- 'CN=Some Name, OU=myOU, C=IT'
- and
- 'CN=Some Name/OU=myOU/C=IT'.
-
- Add options '-batch' and '-verbose' to 'openssl req'.
- [Massimiliano Pala <madwolf@hackmasters.net>]
-
- *) Introduce the possibility to access global variables through
- functions on platform were that's the best way to handle exporting
- global variables in shared libraries. To enable this functionality,
- one must configure with "EXPORT_VAR_AS_FN" or defined the C macro
- "OPENSSL_EXPORT_VAR_AS_FUNCTION" in crypto/opensslconf.h (the latter
- is normally done by Configure or something similar).
-
- To implement a global variable, use the macro OPENSSL_IMPLEMENT_GLOBAL
- in the source file (foo.c) like this:
-
- OPENSSL_IMPLEMENT_GLOBAL(int,foo)=1;
- OPENSSL_IMPLEMENT_GLOBAL(double,bar);
-
- To declare a global variable, use the macros OPENSSL_DECLARE_GLOBAL
- and OPENSSL_GLOBAL_REF in the header file (foo.h) like this:
-
- OPENSSL_DECLARE_GLOBAL(int,foo);
- #define foo OPENSSL_GLOBAL_REF(foo)
- OPENSSL_DECLARE_GLOBAL(double,bar);
- #define bar OPENSSL_GLOBAL_REF(bar)
-
- The #defines are very important, and therefore so is including the
- header file everywhere where the defined globals are used.
-
- The macro OPENSSL_EXPORT_VAR_AS_FUNCTION also affects the definition
- of ASN.1 items, but that structure is a bit different.
-
- The largest change is in util/mkdef.pl which has been enhanced with
- better and easier to understand logic to choose which symbols should
- go into the Windows .def files as well as a number of fixes and code
- cleanup (among others, algorithm keywords are now sorted
- lexicographically to avoid constant rewrites).
- [Richard Levitte]
-
- *) In BN_div() keep a copy of the sign of 'num' before writing the
- result to 'rm' because if rm==num the value will be overwritten
- and produce the wrong result if 'num' is negative: this caused
- problems with BN_mod() and BN_nnmod().
- [Steve Henson]
-
- *) Function OCSP_request_verify(). This checks the signature on an
- OCSP request and verifies the signer certificate. The signer
- certificate is just checked for a generic purpose and OCSP request
- trust settings.
- [Steve Henson]
-
- *) Add OCSP_check_validity() function to check the validity of OCSP
- responses. OCSP responses are prepared in real time and may only
- be a few seconds old. Simply checking that the current time lies
- between thisUpdate and nextUpdate max reject otherwise valid responses
- caused by either OCSP responder or client clock inaccuracy. Instead
- we allow thisUpdate and nextUpdate to fall within a certain period of
- the current time. The age of the response can also optionally be
- checked. Two new options -validity_period and -status_age added to
- ocsp utility.
- [Steve Henson]
-
- *) If signature or public key algorithm is unrecognized print out its
- OID rather that just UNKNOWN.
- [Steve Henson]
-
- *) Change OCSP_cert_to_id() to tolerate a NULL subject certificate and
- OCSP_cert_id_new() a NULL serialNumber. This allows a partial certificate
- ID to be generated from the issuer certificate alone which can then be
- passed to OCSP_id_issuer_cmp().
- [Steve Henson]
-
- *) New compilation option ASN1_ITEM_FUNCTIONS. This causes the new
- ASN1 modules to export functions returning ASN1_ITEM pointers
- instead of the ASN1_ITEM structures themselves. This adds several
- new macros which allow the underlying ASN1 function/structure to
- be accessed transparently. As a result code should not use ASN1_ITEM
- references directly (such as &X509_it) but instead use the relevant
- macros (such as ASN1_ITEM_rptr(X509)). This option is to allow
- use of the new ASN1 code on platforms where exporting structures
- is problematical (for example in shared libraries) but exporting
- functions returning pointers to structures is not.
- [Steve Henson]
-
- *) Add support for overriding the generation of SSL/TLS session IDs.
- These callbacks can be registered either in an SSL_CTX or per SSL.
- The purpose of this is to allow applications to control, if they wish,
- the arbitrary values chosen for use as session IDs, particularly as it
- can be useful for session caching in multiple-server environments. A
- command-line switch for testing this (and any client code that wishes
- to use such a feature) has been added to "s_server".
- [Geoff Thorpe, Lutz Jaenicke]
-
- *) Modify mkdef.pl to recognise and parse preprocessor conditionals
- of the form '#if defined(...) || defined(...) || ...' and
- '#if !defined(...) && !defined(...) && ...'. This also avoids
- the growing number of special cases it was previously handling.
- [Richard Levitte]
-
- *) Make all configuration macros available for application by making
- sure they are available in opensslconf.h, by giving them names starting
- with "OPENSSL_" to avoid conflicts with other packages and by making
- sure e_os2.h will cover all platform-specific cases together with
- opensslconf.h.
- Additionally, it is now possible to define configuration/platform-
- specific names (called "system identities"). In the C code, these
- are prefixed with "OPENSSL_SYSNAME_". e_os2.h will create another
- macro with the name beginning with "OPENSSL_SYS_", which is determined
- from "OPENSSL_SYSNAME_*" or compiler-specific macros depending on
- what is available.
- [Richard Levitte]
-
- *) New option -set_serial to 'req' and 'x509' this allows the serial
- number to use to be specified on the command line. Previously self
- signed certificates were hard coded with serial number 0 and the
- CA options of 'x509' had to use a serial number in a file which was
- auto incremented.
- [Steve Henson]
-
- *) New options to 'ca' utility to support V2 CRL entry extensions.
- Currently CRL reason, invalidity date and hold instruction are
- supported. Add new CRL extensions to V3 code and some new objects.
- [Steve Henson]
-
- *) New function EVP_CIPHER_CTX_set_padding() this is used to
- disable standard block padding (aka PKCS#5 padding) in the EVP
- API, which was previously mandatory. This means that the data is
- not padded in any way and so the total length much be a multiple
- of the block size, otherwise an error occurs.
- [Steve Henson]
-
- *) Initial (incomplete) OCSP SSL support.
- [Steve Henson]
-
- *) New function OCSP_parse_url(). This splits up a URL into its host,
- port and path components: primarily to parse OCSP URLs. New -url
- option to ocsp utility.
- [Steve Henson]
-
- *) New nonce behavior. The return value of OCSP_check_nonce() now
- reflects the various checks performed. Applications can decide
- whether to tolerate certain situations such as an absent nonce
- in a response when one was present in a request: the ocsp application
- just prints out a warning. New function OCSP_add1_basic_nonce()
- this is to allow responders to include a nonce in a response even if
- the request is nonce-less.
- [Steve Henson]
-
- *) Disable stdin buffering in load_cert (apps/apps.c) so that no certs are
- skipped when using openssl x509 multiple times on a single input file,
- e.g. "(openssl x509 -out cert1; openssl x509 -out cert2) <certs".
- [Bodo Moeller]
-
- *) Make ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string()
- set string type: to handle setting ASN1_TIME structures. Fix ca
- utility to correctly initialize revocation date of CRLs.
- [Steve Henson]
-
- *) New option SSL_OP_CIPHER_SERVER_PREFERENCE allows the server to override
- the clients preferred ciphersuites and rather use its own preferences.
- Should help to work around M$ SGC (Server Gated Cryptography) bug in
- Internet Explorer by ensuring unchanged hash method during stepup.
- (Also replaces the broken/deactivated SSL_OP_NON_EXPORT_FIRST option.)
- [Lutz Jaenicke]
-
- *) Make mkdef.pl recognise all DECLARE_ASN1 macros, change rijndael
- to aes and add a new 'exist' option to print out symbols that don't
- appear to exist.
- [Steve Henson]
-
- *) Additional options to ocsp utility to allow flags to be set and
- additional certificates supplied.
- [Steve Henson]
-
- *) Add the option -VAfile to 'openssl ocsp', so the user can give the
- OCSP client a number of certificate to only verify the response
- signature against.
- [Richard Levitte]
-
- *) Update Rijndael code to version 3.0 and change EVP AES ciphers to
- handle the new API. Currently only ECB, CBC modes supported. Add new
- AES OIDs.
-
- Add TLS AES ciphersuites as described in RFC3268, "Advanced
- Encryption Standard (AES) Ciphersuites for Transport Layer
- Security (TLS)". (In beta versions of OpenSSL 0.9.7, these were
- not enabled by default and were not part of the "ALL" ciphersuite
- alias because they were not yet official; they could be
- explicitly requested by specifying the "AESdraft" ciphersuite
- group alias. In the final release of OpenSSL 0.9.7, the group
- alias is called "AES" and is part of "ALL".)
- [Ben Laurie, Steve Henson, Bodo Moeller]
-
- *) New function OCSP_copy_nonce() to copy nonce value (if present) from
- request to response.
- [Steve Henson]
-
- *) Functions for OCSP responders. OCSP_request_onereq_count(),
- OCSP_request_onereq_get0(), OCSP_onereq_get0_id() and OCSP_id_get0_info()
- extract information from a certificate request. OCSP_response_create()
- creates a response and optionally adds a basic response structure.
- OCSP_basic_add1_status() adds a complete single response to a basic
- response and returns the OCSP_SINGLERESP structure just added (to allow
- extensions to be included for example). OCSP_basic_add1_cert() adds a
- certificate to a basic response and OCSP_basic_sign() signs a basic
- response with various flags. New helper functions ASN1_TIME_check()
- (checks validity of ASN1_TIME structure) and ASN1_TIME_to_generalizedtime()
- (converts ASN1_TIME to GeneralizedTime).
- [Steve Henson]
-
- *) Various new functions. EVP_Digest() combines EVP_Digest{Init,Update,Final}()
- in a single operation. X509_get0_pubkey_bitstr() extracts the public_key
- structure from a certificate. X509_pubkey_digest() digests the public_key
- contents: this is used in various key identifiers.
- [Steve Henson]
-
- *) Make sk_sort() tolerate a NULL argument.
- [Steve Henson reported by Massimiliano Pala <madwolf@comune.modena.it>]
-
- *) New OCSP verify flag OCSP_TRUSTOTHER. When set the "other" certificates
- passed by the function are trusted implicitly. If any of them signed the
- response then it is assumed to be valid and is not verified.
- [Steve Henson]
-
- *) In PKCS7_set_type() initialise content_type in PKCS7_ENC_CONTENT
- to data. This was previously part of the PKCS7 ASN1 code. This
- was causing problems with OpenSSL created PKCS#12 and PKCS#7 structures.
- [Steve Henson, reported by Kenneth R. Robinette
- <support@securenetterm.com>]
-
- *) Add CRYPTO_push_info() and CRYPTO_pop_info() calls to new ASN1
- routines: without these tracing memory leaks is very painful.
- Fix leaks in PKCS12 and PKCS7 routines.
- [Steve Henson]
-
- *) Make X509_time_adj() cope with the new behaviour of ASN1_TIME_new().
- Previously it initialised the 'type' argument to V_ASN1_UTCTIME which
- effectively meant GeneralizedTime would never be used. Now it
- is initialised to -1 but X509_time_adj() now has to check the value
- and use ASN1_TIME_set() if the value is not V_ASN1_UTCTIME or
- V_ASN1_GENERALIZEDTIME, without this it always uses GeneralizedTime.
- [Steve Henson, reported by Kenneth R. Robinette
- <support@securenetterm.com>]
-
- *) Fixes to BN_to_ASN1_INTEGER when bn is zero. This would previously
- result in a zero length in the ASN1_INTEGER structure which was
- not consistent with the structure when d2i_ASN1_INTEGER() was used
- and would cause ASN1_INTEGER_cmp() to fail. Enhance s2i_ASN1_INTEGER()
- to cope with hex and negative integers. Fix bug in i2a_ASN1_INTEGER()
- where it did not print out a minus for negative ASN1_INTEGER.
- [Steve Henson]
-
- *) Add summary printout to ocsp utility. The various functions which
- convert status values to strings have been renamed to:
- OCSP_response_status_str(), OCSP_cert_status_str() and
- OCSP_crl_reason_str() and are no longer static. New options
- to verify nonce values and to disable verification. OCSP response
- printout format cleaned up.
- [Steve Henson]
-
- *) Add additional OCSP certificate checks. These are those specified
- in RFC2560. This consists of two separate checks: the CA of the
- certificate being checked must either be the OCSP signer certificate
- or the issuer of the OCSP signer certificate. In the latter case the
- OCSP signer certificate must contain the OCSP signing extended key
- usage. This check is performed by attempting to match the OCSP
- signer or the OCSP signer CA to the issuerNameHash and issuerKeyHash
- in the OCSP_CERTID structures of the response.
- [Steve Henson]
-
- *) Initial OCSP certificate verification added to OCSP_basic_verify()
- and related routines. This uses the standard OpenSSL certificate
- verify routines to perform initial checks (just CA validity) and
- to obtain the certificate chain. Then additional checks will be
- performed on the chain. Currently the root CA is checked to see
- if it is explicitly trusted for OCSP signing. This is used to set
- a root CA as a global signing root: that is any certificate that
- chains to that CA is an acceptable OCSP signing certificate.
- [Steve Henson]
-
- *) New '-extfile ...' option to 'openssl ca' for reading X.509v3
- extensions from a separate configuration file.
- As when reading extensions from the main configuration file,
- the '-extensions ...' option may be used for specifying the
- section to use.
- [Massimiliano Pala <madwolf@comune.modena.it>]
-
- *) New OCSP utility. Allows OCSP requests to be generated or
- read. The request can be sent to a responder and the output
- parsed, outputed or printed in text form. Not complete yet:
- still needs to check the OCSP response validity.
- [Steve Henson]
-
- *) New subcommands for 'openssl ca':
- 'openssl ca -status <serial>' prints the status of the cert with
- the given serial number (according to the index file).
- 'openssl ca -updatedb' updates the expiry status of certificates
- in the index file.
- [Massimiliano Pala <madwolf@comune.modena.it>]
-
- *) New '-newreq-nodes' command option to CA.pl. This is like
- '-newreq', but calls 'openssl req' with the '-nodes' option
- so that the resulting key is not encrypted.
- [Damien Miller <djm@mindrot.org>]
-
- *) New configuration for the GNU Hurd.
- [Jonathan Bartlett <johnnyb@wolfram.com> via Richard Levitte]
-
- *) Initial code to implement OCSP basic response verify. This
- is currently incomplete. Currently just finds the signer's
- certificate and verifies the signature on the response.
- [Steve Henson]
-
- *) New SSLeay_version code SSLEAY_DIR to determine the compiled-in
- value of OPENSSLDIR. This is available via the new '-d' option
- to 'openssl version', and is also included in 'openssl version -a'.
- [Bodo Moeller]
-
- *) Allowing defining memory allocation callbacks that will be given
- file name and line number information in additional arguments
- (a const char* and an int). The basic functionality remains, as
- well as the original possibility to just replace malloc(),
- realloc() and free() by functions that do not know about these
- additional arguments. To register and find out the current
- settings for extended allocation functions, the following
- functions are provided:
-
- CRYPTO_set_mem_ex_functions
- CRYPTO_set_locked_mem_ex_functions
- CRYPTO_get_mem_ex_functions
- CRYPTO_get_locked_mem_ex_functions
-
- These work the same way as CRYPTO_set_mem_functions and friends.
- CRYPTO_get_[locked_]mem_functions now writes 0 where such an
- extended allocation function is enabled.
- Similarly, CRYPTO_get_[locked_]mem_ex_functions writes 0 where
- a conventional allocation function is enabled.
- [Richard Levitte, Bodo Moeller]
-
- *) Finish off removing the remaining LHASH function pointer casts.
- There should no longer be any prototype-casting required when using
- the LHASH abstraction, and any casts that remain are "bugs". See
- the callback types and macros at the head of lhash.h for details
- (and "OBJ_cleanup" in crypto/objects/obj_dat.c as an example).
- [Geoff Thorpe]
-
- *) Add automatic query of EGD sockets in RAND_poll() for the unix variant.
- If /dev/[u]random devices are not available or do not return enough
- entropy, EGD style sockets (served by EGD or PRNGD) will automatically
- be queried.
- The locations /var/run/egd-pool, /dev/egd-pool, /etc/egd-pool, and
- /etc/entropy will be queried once each in this sequence, quering stops
- when enough entropy was collected without querying more sockets.
- [Lutz Jaenicke]
-
- *) Change the Unix RAND_poll() variant to be able to poll several
- random devices, as specified by DEVRANDOM, until a sufficient amount
- of data has been collected. We spend at most 10 ms on each file
- (select timeout) and read in non-blocking mode. DEVRANDOM now
- defaults to the list "/dev/urandom", "/dev/random", "/dev/srandom"
- (previously it was just the string "/dev/urandom"), so on typical
- platforms the 10 ms delay will never occur.
- Also separate out the Unix variant to its own file, rand_unix.c.
- For VMS, there's a currently-empty rand_vms.c.
- [Richard Levitte]
-
- *) Move OCSP client related routines to ocsp_cl.c. These
- provide utility functions which an application needing
- to issue a request to an OCSP responder and analyse the
- response will typically need: as opposed to those which an
- OCSP responder itself would need which will be added later.
-
- OCSP_request_sign() signs an OCSP request with an API similar
- to PKCS7_sign(). OCSP_response_status() returns status of OCSP
- response. OCSP_response_get1_basic() extracts basic response
- from response. OCSP_resp_find_status(): finds and extracts status
- information from an OCSP_CERTID structure (which will be created
- when the request structure is built). These are built from lower
- level functions which work on OCSP_SINGLERESP structures but
- wont normally be used unless the application wishes to examine
- extensions in the OCSP response for example.
-
- Replace nonce routines with a pair of functions.
- OCSP_request_add1_nonce() adds a nonce value and optionally
- generates a random value. OCSP_check_nonce() checks the
- validity of the nonce in an OCSP response.
- [Steve Henson]
-
- *) Change function OCSP_request_add() to OCSP_request_add0_id().
- This doesn't copy the supplied OCSP_CERTID and avoids the
- need to free up the newly created id. Change return type
- to OCSP_ONEREQ to return the internal OCSP_ONEREQ structure.
- This can then be used to add extensions to the request.
- Deleted OCSP_request_new(), since most of its functionality
- is now in OCSP_REQUEST_new() (and the case insensitive name
- clash) apart from the ability to set the request name which
- will be added elsewhere.
- [Steve Henson]
-
- *) Update OCSP API. Remove obsolete extensions argument from
- various functions. Extensions are now handled using the new
- OCSP extension code. New simple OCSP HTTP function which
- can be used to send requests and parse the response.
- [Steve Henson]
-
- *) Fix the PKCS#7 (S/MIME) code to work with new ASN1. Two new
- ASN1_ITEM structures help with sign and verify. PKCS7_ATTR_SIGN
- uses the special reorder version of SET OF to sort the attributes
- and reorder them to match the encoded order. This resolves a long
- standing problem: a verify on a PKCS7 structure just after signing
- it used to fail because the attribute order did not match the
- encoded order. PKCS7_ATTR_VERIFY does not reorder the attributes:
- it uses the received order. This is necessary to tolerate some broken
- software that does not order SET OF. This is handled by encoding
- as a SEQUENCE OF but using implicit tagging (with UNIVERSAL class)
- to produce the required SET OF.
- [Steve Henson]
-
- *) Have mk1mf.pl generate the macros OPENSSL_BUILD_SHLIBCRYPTO and
- OPENSSL_BUILD_SHLIBSSL and use them appropriately in the header
- files to get correct declarations of the ASN.1 item variables.
- [Richard Levitte]
-
- *) Rewrite of PKCS#12 code to use new ASN1 functionality. Replace many
- PKCS#12 macros with real functions. Fix two unrelated ASN1 bugs:
- asn1_check_tlen() would sometimes attempt to use 'ctx' when it was
- NULL and ASN1_TYPE was not dereferenced properly in asn1_ex_c2i().
- New ASN1 macro: DECLARE_ASN1_ITEM() which just declares the relevant
- ASN1_ITEM and no wrapper functions.
- [Steve Henson]
-
- *) New functions or ASN1_item_d2i_fp() and ASN1_item_d2i_bio(). These
- replace the old function pointer based I/O routines. Change most of
- the *_d2i_bio() and *_d2i_fp() functions to use these.
- [Steve Henson]
-
- *) Enhance mkdef.pl to be more accepting about spacing in C preprocessor
- lines, recognice more "algorithms" that can be deselected, and make
- it complain about algorithm deselection that isn't recognised.
- [Richard Levitte]
-
- *) New ASN1 functions to handle dup, sign, verify, digest, pack and
- unpack operations in terms of ASN1_ITEM. Modify existing wrappers
- to use new functions. Add NO_ASN1_OLD which can be set to remove
- some old style ASN1 functions: this can be used to determine if old
- code will still work when these eventually go away.
- [Steve Henson]
-
- *) New extension functions for OCSP structures, these follow the
- same conventions as certificates and CRLs.
- [Steve Henson]
-
- *) New function X509V3_add1_i2d(). This automatically encodes and
- adds an extension. Its behaviour can be customised with various
- flags to append, replace or delete. Various wrappers added for
- certifcates and CRLs.
- [Steve Henson]
-
- *) Fix to avoid calling the underlying ASN1 print routine when
- an extension cannot be parsed. Correct a typo in the
- OCSP_SERVICELOC extension. Tidy up print OCSP format.
- [Steve Henson]
-
- *) Make mkdef.pl parse some of the ASN1 macros and add apropriate
- entries for variables.
- [Steve Henson]
-
- *) Add functionality to apps/openssl.c for detecting locking
- problems: As the program is single-threaded, all we have
- to do is register a locking callback using an array for
- storing which locks are currently held by the program.
- [Bodo Moeller]
-
- *) Use a lock around the call to CRYPTO_get_ex_new_index() in
- SSL_get_ex_data_X509_STORE_idx(), which is used in
- ssl_verify_cert_chain() and thus can be called at any time
- during TLS/SSL handshakes so that thread-safety is essential.
- Unfortunately, the ex_data design is not at all suited
- for multi-threaded use, so it probably should be abolished.
- [Bodo Moeller]
-
- *) Added Broadcom "ubsec" ENGINE to OpenSSL.
- [Broadcom, tweaked and integrated by Geoff Thorpe]
-
- *) Move common extension printing code to new function
- X509V3_print_extensions(). Reorganise OCSP print routines and
- implement some needed OCSP ASN1 functions. Add OCSP extensions.
- [Steve Henson]
-
- *) New function X509_signature_print() to remove duplication in some
- print routines.
- [Steve Henson]
-
- *) Add a special meaning when SET OF and SEQUENCE OF flags are both
- set (this was treated exactly the same as SET OF previously). This
- is used to reorder the STACK representing the structure to match the
- encoding. This will be used to get round a problem where a PKCS7
- structure which was signed could not be verified because the STACK
- order did not reflect the encoded order.
- [Steve Henson]
-
- *) Reimplement the OCSP ASN1 module using the new code.
- [Steve Henson]
-
- *) Update the X509V3 code to permit the use of an ASN1_ITEM structure
- for its ASN1 operations. The old style function pointers still exist
- for now but they will eventually go away.
- [Steve Henson]
-
- *) Merge in replacement ASN1 code from the ASN1 branch. This almost
- completely replaces the old ASN1 functionality with a table driven
- encoder and decoder which interprets an ASN1_ITEM structure describing
- the ASN1 module. Compatibility with the existing ASN1 API (i2d,d2i) is
- largely maintained. Almost all of the old asn1_mac.h macro based ASN1
- has also been converted to the new form.
- [Steve Henson]
-
- *) Change BN_mod_exp_recp so that negative moduli are tolerated
- (the sign is ignored). Similarly, ignore the sign in BN_MONT_CTX_set
- so that BN_mod_exp_mont and BN_mod_exp_mont_word work
- for negative moduli.
- [Bodo Moeller]
-
- *) Fix BN_uadd and BN_usub: Always return non-negative results instead
- of not touching the result's sign bit.
- [Bodo Moeller]
-
- *) BN_div bugfix: If the result is 0, the sign (res->neg) must not be
- set.
- [Bodo Moeller]
-
- *) Changed the LHASH code to use prototypes for callbacks, and created
- macros to declare and implement thin (optionally static) functions
- that provide type-safety and avoid function pointer casting for the
- type-specific callbacks.
- [Geoff Thorpe]
-
- *) Added Kerberos Cipher Suites to be used with TLS, as written in
- RFC 2712.
- [Veers Staats <staatsvr@asc.hpc.mil>,
- Jeffrey Altman <jaltman@columbia.edu>, via Richard Levitte]
-
- *) Reformat the FAQ so the different questions and answers can be divided
- in sections depending on the subject.
- [Richard Levitte]
-
- *) Have the zlib compression code load ZLIB.DLL dynamically under
- Windows.
- [Richard Levitte]
-
- *) New function BN_mod_sqrt for computing square roots modulo a prime
- (using the probabilistic Tonelli-Shanks algorithm unless
- p == 3 (mod 4) or p == 5 (mod 8), which are cases that can
- be handled deterministically).
- [Lenka Fibikova <fibikova@exp-math.uni-essen.de>, Bodo Moeller]
-
- *) Make BN_mod_inverse faster by explicitly handling small quotients
- in the Euclid loop. (Speed gain about 20% for small moduli [256 or
- 512 bits], about 30% for larger ones [1024 or 2048 bits].)
- [Bodo Moeller]
-
- *) New function BN_kronecker.
- [Bodo Moeller]
-
- *) Fix BN_gcd so that it works on negative inputs; the result is
- positive unless both parameters are zero.
- Previously something reasonably close to an infinite loop was
- possible because numbers could be growing instead of shrinking
- in the implementation of Euclid's algorithm.
- [Bodo Moeller]
-
- *) Fix BN_is_word() and BN_is_one() macros to take into account the
- sign of the number in question.
-
- Fix BN_is_word(a,w) to work correctly for w == 0.
-
- The old BN_is_word(a,w) macro is now called BN_abs_is_word(a,w)
- because its test if the absolute value of 'a' equals 'w'.
- Note that BN_abs_is_word does *not* handle w == 0 reliably;
- it exists mostly for use in the implementations of BN_is_zero(),
- BN_is_one(), and BN_is_word().
- [Bodo Moeller]
-
- *) New function BN_swap.
- [Bodo Moeller]
-
- *) Use BN_nnmod instead of BN_mod in crypto/bn/bn_exp.c so that
- the exponentiation functions are more likely to produce reasonable
- results on negative inputs.
- [Bodo Moeller]
-
- *) Change BN_mod_mul so that the result is always non-negative.
- Previously, it could be negative if one of the factors was negative;
- I don't think anyone really wanted that behaviour.
- [Bodo Moeller]
-
- *) Move BN_mod_... functions into new file crypto/bn/bn_mod.c
- (except for exponentiation, which stays in crypto/bn/bn_exp.c,
- and BN_mod_mul_reciprocal, which stays in crypto/bn/bn_recp.c)
- and add new functions:
-
- BN_nnmod
- BN_mod_sqr
- BN_mod_add
- BN_mod_add_quick
- BN_mod_sub
- BN_mod_sub_quick
- BN_mod_lshift1
- BN_mod_lshift1_quick
- BN_mod_lshift
- BN_mod_lshift_quick
-
- These functions always generate non-negative results.
-
- BN_nnmod otherwise is like BN_mod (if BN_mod computes a remainder r
- such that |m| < r < 0, BN_nnmod will output rem + |m| instead).
-
- BN_mod_XXX_quick(r, a, [b,] m) generates the same result as
- BN_mod_XXX(r, a, [b,] m, ctx), but requires that a [and b]
- be reduced modulo m.
- [Lenka Fibikova <fibikova@exp-math.uni-essen.de>, Bodo Moeller]
-
-#if 0
- The following entry accidentily appeared in the CHANGES file
- distributed with OpenSSL 0.9.7. The modifications described in
- it do *not* apply to OpenSSL 0.9.7.
-
- *) Remove a few calls to bn_wexpand() in BN_sqr() (the one in there
- was actually never needed) and in BN_mul(). The removal in BN_mul()
- required a small change in bn_mul_part_recursive() and the addition
- of the functions bn_cmp_part_words(), bn_sub_part_words() and
- bn_add_part_words(), which do the same thing as bn_cmp_words(),
- bn_sub_words() and bn_add_words() except they take arrays with
- differing sizes.
- [Richard Levitte]
-#endif
-
- *) In 'openssl passwd', verify passwords read from the terminal
- unless the '-salt' option is used (which usually means that
- verification would just waste user's time since the resulting
- hash is going to be compared with some given password hash)
- or the new '-noverify' option is used.
-
- This is an incompatible change, but it does not affect
- non-interactive use of 'openssl passwd' (passwords on the command
- line, '-stdin' option, '-in ...' option) and thus should not
- cause any problems.
- [Bodo Moeller]
-
- *) Remove all references to RSAref, since there's no more need for it.
- [Richard Levitte]
-
- *) Make DSO load along a path given through an environment variable
- (SHLIB_PATH) with shl_load().
- [Richard Levitte]
-
- *) Constify the ENGINE code as a result of BIGNUM constification.
- Also constify the RSA code and most things related to it. In a
- few places, most notable in the depth of the ASN.1 code, ugly
- casts back to non-const were required (to be solved at a later
- time)
- [Richard Levitte]
-
- *) Make it so the openssl application has all engines loaded by default.
- [Richard Levitte]
-
- *) Constify the BIGNUM routines a little more.
- [Richard Levitte]
-
- *) Add the following functions:
-
- ENGINE_load_cswift()
- ENGINE_load_chil()
- ENGINE_load_atalla()
- ENGINE_load_nuron()
- ENGINE_load_builtin_engines()
-
- That way, an application can itself choose if external engines that
- are built-in in OpenSSL shall ever be used or not. The benefit is
- that applications won't have to be linked with libdl or other dso
- libraries unless it's really needed.
-
- Changed 'openssl engine' to load all engines on demand.
- Changed the engine header files to avoid the duplication of some
- declarations (they differed!).
- [Richard Levitte]
-
- *) 'openssl engine' can now list capabilities.
- [Richard Levitte]
-
- *) Better error reporting in 'openssl engine'.
- [Richard Levitte]
-
- *) Never call load_dh_param(NULL) in s_server.
- [Bodo Moeller]
-
- *) Add engine application. It can currently list engines by name and
- identity, and test if they are actually available.
- [Richard Levitte]
-
- *) Improve RPM specification file by forcing symbolic linking and making
- sure the installed documentation is also owned by root.root.
- [Damien Miller <djm@mindrot.org>]
-
- *) Give the OpenSSL applications more possibilities to make use of
- keys (public as well as private) handled by engines.
- [Richard Levitte]
-
- *) Add OCSP code that comes from CertCo.
- [Richard Levitte]
-
- *) Add VMS support for the Rijndael code.
- [Richard Levitte]
-
- *) Added untested support for Nuron crypto accelerator.
- [Ben Laurie]
-
- *) Add support for external cryptographic devices. This code was
- previously distributed separately as the "engine" branch.
- [Geoff Thorpe, Richard Levitte]
-
- *) Rework the filename-translation in the DSO code. It is now possible to
- have far greater control over how a "name" is turned into a filename
- depending on the operating environment and any oddities about the
- different shared library filenames on each system.
- [Geoff Thorpe]
-
- *) Support threads on FreeBSD-elf in Configure.
- [Richard Levitte]
-
- *) Fix for SHA1 assembly problem with MASM: it produces
- warnings about corrupt line number information when assembling
- with debugging information. This is caused by the overlapping
- of two sections.
- [Bernd Matthes <mainbug@celocom.de>, Steve Henson]
-
- *) NCONF changes.
- NCONF_get_number() has no error checking at all. As a replacement,
- NCONF_get_number_e() is defined (_e for "error checking") and is
- promoted strongly. The old NCONF_get_number is kept around for
- binary backward compatibility.
- Make it possible for methods to load from something other than a BIO,
- by providing a function pointer that is given a name instead of a BIO.
- For example, this could be used to load configuration data from an
- LDAP server.
- [Richard Levitte]
-
- *) Fix for non blocking accept BIOs. Added new I/O special reason
- BIO_RR_ACCEPT to cover this case. Previously use of accept BIOs
- with non blocking I/O was not possible because no retry code was
- implemented. Also added new SSL code SSL_WANT_ACCEPT to cover
- this case.
- [Steve Henson]
-
- *) Added the beginnings of Rijndael support.
- [Ben Laurie]
-
- *) Fix for bug in DirectoryString mask setting. Add support for
- X509_NAME_print_ex() in 'req' and X509_print_ex() function
- to allow certificate printing to more controllable, additional
- 'certopt' option to 'x509' to allow new printing options to be
- set.
- [Steve Henson]
-
- *) Clean old EAY MD5 hack from e_os.h.
- [Richard Levitte]
-
- Changes between 0.9.6l and 0.9.6m [17 Mar 2004]
-
- *) Fix null-pointer assignment in do_change_cipher_spec() revealed
- by using the Codenomicon TLS Test Tool (CVE-2004-0079)
- [Joe Orton, Steve Henson]
-
- Changes between 0.9.6k and 0.9.6l [04 Nov 2003]
-
- *) Fix additional bug revealed by the NISCC test suite:
-
- Stop bug triggering large recursion when presented with
- certain ASN.1 tags (CVE-2003-0851)
- [Steve Henson]
-
- Changes between 0.9.6j and 0.9.6k [30 Sep 2003]
-
- *) Fix various bugs revealed by running the NISCC test suite:
-
- Stop out of bounds reads in the ASN1 code when presented with
- invalid tags (CVE-2003-0543 and CVE-2003-0544).
-
- If verify callback ignores invalid public key errors don't try to check
- certificate signature with the NULL public key.
-
- [Steve Henson]
-
- *) In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate
- if the server requested one: as stated in TLS 1.0 and SSL 3.0
- specifications.
- [Steve Henson]
-
- *) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional
- extra data after the compression methods not only for TLS 1.0
- but also for SSL 3.0 (as required by the specification).
- [Bodo Moeller; problem pointed out by Matthias Loepfe]
-
- *) Change X509_certificate_type() to mark the key as exported/exportable
- when it's 512 *bits* long, not 512 bytes.
- [Richard Levitte]
-
- Changes between 0.9.6i and 0.9.6j [10 Apr 2003]
-
- *) Countermeasure against the Klima-Pokorny-Rosa extension of
- Bleichbacher's attack on PKCS #1 v1.5 padding: treat
- a protocol version number mismatch like a decryption error
- in ssl3_get_client_key_exchange (ssl/s3_srvr.c).
- [Bodo Moeller]
-
- *) Turn on RSA blinding by default in the default implementation
- to avoid a timing attack. Applications that don't want it can call
- RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING.
- They would be ill-advised to do so in most cases.
- [Ben Laurie, Steve Henson, Geoff Thorpe, Bodo Moeller]
-
- *) Change RSA blinding code so that it works when the PRNG is not
- seeded (in this case, the secret RSA exponent is abused as
- an unpredictable seed -- if it is not unpredictable, there
- is no point in blinding anyway). Make RSA blinding thread-safe
- by remembering the creator's thread ID in rsa->blinding and
- having all other threads use local one-time blinding factors
- (this requires more computation than sharing rsa->blinding, but
- avoids excessive locking; and if an RSA object is not shared
- between threads, blinding will still be very fast).
- [Bodo Moeller]
-
- Changes between 0.9.6h and 0.9.6i [19 Feb 2003]
-
- *) In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
- via timing by performing a MAC computation even if incorrrect
- block cipher padding has been found. This is a countermeasure
- against active attacks where the attacker has to distinguish
- between bad padding and a MAC verification error. (CVE-2003-0078)
-
- [Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
- Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
- Martin Vuagnoux (EPFL, Ilion)]
-
- Changes between 0.9.6g and 0.9.6h [5 Dec 2002]
-
- *) New function OPENSSL_cleanse(), which is used to cleanse a section of
- memory from it's contents. This is done with a counter that will
- place alternating values in each byte. This can be used to solve
- two issues: 1) the removal of calls to memset() by highly optimizing
- compilers, and 2) cleansing with other values than 0, since those can
- be read through on certain media, for example a swap space on disk.
- [Geoff Thorpe]
-
- *) Bugfix: client side session caching did not work with external caching,
- because the session->cipher setting was not restored when reloading
- from the external cache. This problem was masked, when
- SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (part of SSL_OP_ALL) was set.
- (Found by Steve Haslam <steve@araqnid.ddts.net>.)
- [Lutz Jaenicke]
-
- *) Fix client_certificate (ssl/s2_clnt.c): The permissible total
- length of the REQUEST-CERTIFICATE message is 18 .. 34, not 17 .. 33.
- [Zeev Lieber <zeev-l@yahoo.com>]
-
- *) Undo an undocumented change introduced in 0.9.6e which caused
- repeated calls to OpenSSL_add_all_ciphers() and
- OpenSSL_add_all_digests() to be ignored, even after calling
- EVP_cleanup().
- [Richard Levitte]
-
- *) Change the default configuration reader to deal with last line not
- being properly terminated.
- [Richard Levitte]
-
- *) Change X509_NAME_cmp() so it applies the special rules on handling
- DN values that are of type PrintableString, as well as RDNs of type
- emailAddress where the value has the type ia5String.
- [stefank@valicert.com via Richard Levitte]
-
- *) Add a SSL_SESS_CACHE_NO_INTERNAL_STORE flag to take over half
- the job SSL_SESS_CACHE_NO_INTERNAL_LOOKUP was inconsistently
- doing, define a new flag (SSL_SESS_CACHE_NO_INTERNAL) to be
- the bitwise-OR of the two for use by the majority of applications
- wanting this behaviour, and update the docs. The documented
- behaviour and actual behaviour were inconsistent and had been
- changing anyway, so this is more a bug-fix than a behavioural
- change.
- [Geoff Thorpe, diagnosed by Nadav Har'El]
-
- *) Don't impose a 16-byte length minimum on session IDs in ssl/s3_clnt.c
- (the SSL 3.0 and TLS 1.0 specifications allow any length up to 32 bytes).
- [Bodo Moeller]
-
- *) Fix initialization code race conditions in
- SSLv23_method(), SSLv23_client_method(), SSLv23_server_method(),
- SSLv2_method(), SSLv2_client_method(), SSLv2_server_method(),
- SSLv3_method(), SSLv3_client_method(), SSLv3_server_method(),
- TLSv1_method(), TLSv1_client_method(), TLSv1_server_method(),
- ssl2_get_cipher_by_char(),
- ssl3_get_cipher_by_char().
- [Patrick McCormick <patrick@tellme.com>, Bodo Moeller]
-
- *) Reorder cleanup sequence in SSL_CTX_free(): only remove the ex_data after
- the cached sessions are flushed, as the remove_cb() might use ex_data
- contents. Bug found by Sam Varshavchik <mrsam@courier-mta.com>
- (see [openssl.org #212]).
- [Geoff Thorpe, Lutz Jaenicke]
-
- *) Fix typo in OBJ_txt2obj which incorrectly passed the content
- length, instead of the encoding length to d2i_ASN1_OBJECT.
- [Steve Henson]
-
- Changes between 0.9.6f and 0.9.6g [9 Aug 2002]
-
- *) [In 0.9.6g-engine release:]
- Fix crypto/engine/vendor_defns/cswift.h for WIN32 (use '_stdcall').
- [Lynn Gazis <lgazis@rainbow.com>]
-
- Changes between 0.9.6e and 0.9.6f [8 Aug 2002]
-
- *) Fix ASN1 checks. Check for overflow by comparing with LONG_MAX
- and get fix the header length calculation.
- [Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>,
- Alon Kantor <alonk@checkpoint.com> (and others),
- Steve Henson]
-
- *) Use proper error handling instead of 'assertions' in buffer
- overflow checks added in 0.9.6e. This prevents DoS (the
- assertions could call abort()).
- [Arne Ansper <arne@ats.cyber.ee>, Bodo Moeller]
-
- Changes between 0.9.6d and 0.9.6e [30 Jul 2002]
-
- *) Add various sanity checks to asn1_get_length() to reject
- the ASN1 length bytes if they exceed sizeof(long), will appear
- negative or the content length exceeds the length of the
- supplied buffer.
- [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]
-
- *) Fix cipher selection routines: ciphers without encryption had no flags
- for the cipher strength set and where therefore not handled correctly
- by the selection routines (PR #130).
- [Lutz Jaenicke]
-
- *) Fix EVP_dsa_sha macro.
- [Nils Larsch]
-
- *) New option
- SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
- for disabling the SSL 3.0/TLS 1.0 CBC vulnerability countermeasure
- that was added in OpenSSL 0.9.6d.
-
- As the countermeasure turned out to be incompatible with some
- broken SSL implementations, the new option is part of SSL_OP_ALL.
- SSL_OP_ALL is usually employed when compatibility with weird SSL
- implementations is desired (e.g. '-bugs' option to 's_client' and
- 's_server'), so the new option is automatically set in many
- applications.
- [Bodo Moeller]
-
- *) Changes in security patch:
-
- Changes marked "(CHATS)" were sponsored by the Defense Advanced
- Research Projects Agency (DARPA) and Air Force Research Laboratory,
- Air Force Materiel Command, USAF, under agreement number
- F30602-01-2-0537.
-
- *) Add various sanity checks to asn1_get_length() to reject
- the ASN1 length bytes if they exceed sizeof(long), will appear
- negative or the content length exceeds the length of the
- supplied buffer. (CVE-2002-0659)
- [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]
-
- *) Assertions for various potential buffer overflows, not known to
- happen in practice.
- [Ben Laurie (CHATS)]
-
- *) Various temporary buffers to hold ASCII versions of integers were
- too small for 64 bit platforms. (CVE-2002-0655)
- [Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)>
-
- *) Remote buffer overflow in SSL3 protocol - an attacker could
- supply an oversized session ID to a client. (CVE-2002-0656)
- [Ben Laurie (CHATS)]
-
- *) Remote buffer overflow in SSL2 protocol - an attacker could
- supply an oversized client master key. (CVE-2002-0656)
- [Ben Laurie (CHATS)]
-
- Changes between 0.9.6c and 0.9.6d [9 May 2002]
-
- *) Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not
- encoded as NULL) with id-dsa-with-sha1.
- [Nils Larsch <nla@trustcenter.de>; problem pointed out by Bodo Moeller]
-
- *) Check various X509_...() return values in apps/req.c.
- [Nils Larsch <nla@trustcenter.de>]
-
- *) Fix BASE64 decode (EVP_DecodeUpdate) for data with CR/LF ended lines:
- an end-of-file condition would erronously be flagged, when the CRLF
- was just at the end of a processed block. The bug was discovered when
- processing data through a buffering memory BIO handing the data to a
- BASE64-decoding BIO. Bug fund and patch submitted by Pavel Tsekov
- <ptsekov@syntrex.com> and Nedelcho Stanev.
- [Lutz Jaenicke]
-
- *) Implement a countermeasure against a vulnerability recently found
- in CBC ciphersuites in SSL 3.0/TLS 1.0: Send an empty fragment
- before application data chunks to avoid the use of known IVs
- with data potentially chosen by the attacker.
- [Bodo Moeller]
-
- *) Fix length checks in ssl3_get_client_hello().
- [Bodo Moeller]
-
- *) TLS/SSL library bugfix: use s->s3->in_read_app_data differently
- to prevent ssl3_read_internal() from incorrectly assuming that
- ssl3_read_bytes() found application data while handshake
- processing was enabled when in fact s->s3->in_read_app_data was
- merely automatically cleared during the initial handshake.
- [Bodo Moeller; problem pointed out by Arne Ansper <arne@ats.cyber.ee>]
-
- *) Fix object definitions for Private and Enterprise: they were not
- recognized in their shortname (=lowercase) representation. Extend
- obj_dat.pl to issue an error when using undefined keywords instead
- of silently ignoring the problem (Svenning Sorensen
- <sss@sss.dnsalias.net>).
- [Lutz Jaenicke]
-
- *) Fix DH_generate_parameters() so that it works for 'non-standard'
- generators, i.e. generators other than 2 and 5. (Previously, the
- code did not properly initialise the 'add' and 'rem' values to
- BN_generate_prime().)
-
- In the new general case, we do not insist that 'generator' is
- actually a primitive root: This requirement is rather pointless;
- a generator of the order-q subgroup is just as good, if not
- better.
- [Bodo Moeller]
-
- *) Map new X509 verification errors to alerts. Discovered and submitted by
- Tom Wu <tom@arcot.com>.
- [Lutz Jaenicke]
-
- *) Fix ssl3_pending() (ssl/s3_lib.c) to prevent SSL_pending() from
- returning non-zero before the data has been completely received
- when using non-blocking I/O.
- [Bodo Moeller; problem pointed out by John Hughes]
-
- *) Some of the ciphers missed the strength entry (SSL_LOW etc).
- [Ben Laurie, Lutz Jaenicke]
-
- *) Fix bug in SSL_clear(): bad sessions were not removed (found by
- Yoram Zahavi <YoramZ@gilian.com>).
- [Lutz Jaenicke]
-
- *) Add information about CygWin 1.3 and on, and preserve proper
- configuration for the versions before that.
- [Corinna Vinschen <vinschen@redhat.com> and Richard Levitte]
-
- *) Make removal from session cache (SSL_CTX_remove_session()) more robust:
- check whether we deal with a copy of a session and do not delete from
- the cache in this case. Problem reported by "Izhar Shoshani Levi"
- <izhar@checkpoint.com>.
- [Lutz Jaenicke]
-
- *) Do not store session data into the internal session cache, if it
- is never intended to be looked up (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
- flag is set). Proposed by Aslam <aslam@funk.com>.
- [Lutz Jaenicke]
-
- *) Have ASN1_BIT_STRING_set_bit() really clear a bit when the requested
- value is 0.
- [Richard Levitte]
-
- *) [In 0.9.6d-engine release:]
- Fix a crashbug and a logic bug in hwcrhk_load_pubkey().
- [Toomas Kiisk <vix@cyber.ee> via Richard Levitte]
-
- *) Add the configuration target linux-s390x.
- [Neale Ferguson <Neale.Ferguson@SoftwareAG-USA.com> via Richard Levitte]
-
- *) The earlier bugfix for the SSL3_ST_SW_HELLO_REQ_C case of
- ssl3_accept (ssl/s3_srvr.c) incorrectly used a local flag
- variable as an indication that a ClientHello message has been
- received. As the flag value will be lost between multiple
- invocations of ssl3_accept when using non-blocking I/O, the
- function may not be aware that a handshake has actually taken
- place, thus preventing a new session from being added to the
- session cache.
-
- To avoid this problem, we now set s->new_session to 2 instead of
- using a local variable.
- [Lutz Jaenicke, Bodo Moeller]
-
- *) Bugfix: Return -1 from ssl3_get_server_done (ssl3/s3_clnt.c)
- if the SSL_R_LENGTH_MISMATCH error is detected.
- [Geoff Thorpe, Bodo Moeller]
-
- *) New 'shared_ldflag' column in Configure platform table.
- [Richard Levitte]
-
- *) Fix EVP_CIPHER_mode macro.
- ["Dan S. Camper" <dan@bti.net>]
-
- *) Fix ssl3_read_bytes (ssl/s3_pkt.c): To ignore messages of unknown
- type, we must throw them away by setting rr->length to 0.
- [D P Chang <dpc@qualys.com>]
-
- Changes between 0.9.6b and 0.9.6c [21 dec 2001]
-
- *) Fix BN_rand_range bug pointed out by Dominikus Scherkl
- <Dominikus.Scherkl@biodata.com>. (The previous implementation
- worked incorrectly for those cases where range = 10..._2 and
- 3*range is two bits longer than range.)
- [Bodo Moeller]
-
- *) Only add signing time to PKCS7 structures if it is not already
- present.
- [Steve Henson]
-
- *) Fix crypto/objects/objects.h: "ld-ce" should be "id-ce",
- OBJ_ld_ce should be OBJ_id_ce.
- Also some ip-pda OIDs in crypto/objects/objects.txt were
- incorrect (cf. RFC 3039).
- [Matt Cooper, Frederic Giudicelli, Bodo Moeller]
-
- *) Release CRYPTO_LOCK_DYNLOCK when CRYPTO_destroy_dynlockid()
- returns early because it has nothing to do.
- [Andy Schneider <andy.schneider@bjss.co.uk>]
-
- *) [In 0.9.6c-engine release:]
- Fix mutex callback return values in crypto/engine/hw_ncipher.c.
- [Andy Schneider <andy.schneider@bjss.co.uk>]
-
- *) [In 0.9.6c-engine release:]
- Add support for Cryptographic Appliance's keyserver technology.
- (Use engine 'keyclient')
- [Cryptographic Appliances and Geoff Thorpe]
-
- *) Add a configuration entry for OS/390 Unix. The C compiler 'c89'
- is called via tools/c89.sh because arguments have to be
- rearranged (all '-L' options must appear before the first object
- modules).
- [Richard Shapiro <rshapiro@abinitio.com>]
-
- *) [In 0.9.6c-engine release:]
- Add support for Broadcom crypto accelerator cards, backported
- from 0.9.7.
- [Broadcom, Nalin Dahyabhai <nalin@redhat.com>, Mark Cox]
-
- *) [In 0.9.6c-engine release:]
- Add support for SureWare crypto accelerator cards from
- Baltimore Technologies. (Use engine 'sureware')
- [Baltimore Technologies and Mark Cox]
-
- *) [In 0.9.6c-engine release:]
- Add support for crypto accelerator cards from Accelerated
- Encryption Processing, www.aep.ie. (Use engine 'aep')
- [AEP Inc. and Mark Cox]
-
- *) Add a configuration entry for gcc on UnixWare.
- [Gary Benson <gbenson@redhat.com>]
-
- *) Change ssl/s2_clnt.c and ssl/s2_srvr.c so that received handshake
- messages are stored in a single piece (fixed-length part and
- variable-length part combined) and fix various bugs found on the way.
- [Bodo Moeller]
-
- *) Disable caching in BIO_gethostbyname(), directly use gethostbyname()
- instead. BIO_gethostbyname() does not know what timeouts are
- appropriate, so entries would stay in cache even when they have
- become invalid.
- [Bodo Moeller; problem pointed out by Rich Salz <rsalz@zolera.com>
-
- *) Change ssl23_get_client_hello (ssl/s23_srvr.c) behaviour when
- faced with a pathologically small ClientHello fragment that does
- not contain client_version: Instead of aborting with an error,
- simply choose the highest available protocol version (i.e.,
- TLS 1.0 unless it is disabled). In practice, ClientHello
- messages are never sent like this, but this change gives us
- strictly correct behaviour at least for TLS.
- [Bodo Moeller]
-
- *) Fix SSL handshake functions and SSL_clear() such that SSL_clear()
- never resets s->method to s->ctx->method when called from within
- one of the SSL handshake functions.
- [Bodo Moeller; problem pointed out by Niko Baric]
-
- *) In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert
- (sent using the client's version number) if client_version is
- smaller than the protocol version in use. Also change
- ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0 if
- the client demanded SSL 3.0 but only TLS 1.0 is enabled; then
- the client will at least see that alert.
- [Bodo Moeller]
-
- *) Fix ssl3_get_message (ssl/s3_both.c) to handle message fragmentation
- correctly.
- [Bodo Moeller]
-
- *) Avoid infinite loop in ssl3_get_message (ssl/s3_both.c) if a
- client receives HelloRequest while in a handshake.
- [Bodo Moeller; bug noticed by Andy Schneider <andy.schneider@bjss.co.uk>]
-
- *) Bugfix in ssl3_accept (ssl/s3_srvr.c): Case SSL3_ST_SW_HELLO_REQ_C
- should end in 'break', not 'goto end' which circuments various
- cleanups done in state SSL_ST_OK. But session related stuff
- must be disabled for SSL_ST_OK in the case that we just sent a
- HelloRequest.
-
- Also avoid some overhead by not calling ssl_init_wbio_buffer()
- before just sending a HelloRequest.
- [Bodo Moeller, Eric Rescorla <ekr@rtfm.com>]
-
- *) Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't
- reveal whether illegal block cipher padding was found or a MAC
- verification error occured. (Neither SSLerr() codes nor alerts
- are directly visible to potential attackers, but the information
- may leak via logfiles.)
-
- Similar changes are not required for the SSL 2.0 implementation
- because the number of padding bytes is sent in clear for SSL 2.0,
- and the extra bytes are just ignored. However ssl/s2_pkt.c
- failed to verify that the purported number of padding bytes is in
- the legal range.
- [Bodo Moeller]
-
- *) Add OpenUNIX-8 support including shared libraries
- (Boyd Lynn Gerber <gerberb@zenez.com>).
- [Lutz Jaenicke]
-
- *) Improve RSA_padding_check_PKCS1_OAEP() check again to avoid
- 'wristwatch attack' using huge encoding parameters (cf.
- James H. Manger's CRYPTO 2001 paper). Note that the
- RSA_PKCS1_OAEP_PADDING case of RSA_private_decrypt() does not use
- encoding parameters and hence was not vulnerable.
- [Bodo Moeller]
-
- *) BN_sqr() bug fix.
- [Ulf Möller, reported by Jim Ellis <jim.ellis@cavium.com>]
-
- *) Rabin-Miller test analyses assume uniformly distributed witnesses,
- so use BN_pseudo_rand_range() instead of using BN_pseudo_rand()
- followed by modular reduction.
- [Bodo Moeller; pointed out by Adam Young <AYoung1@NCSUS.JNJ.COM>]
-
- *) Add BN_pseudo_rand_range() with obvious functionality: BN_rand_range()
- equivalent based on BN_pseudo_rand() instead of BN_rand().
- [Bodo Moeller]
-
- *) s3_srvr.c: allow sending of large client certificate lists (> 16 kB).
- This function was broken, as the check for a new client hello message
- to handle SGC did not allow these large messages.
- (Tracked down by "Douglas E. Engert" <deengert@anl.gov>.)
- [Lutz Jaenicke]
-
- *) Add alert descriptions for TLSv1 to SSL_alert_desc_string[_long]().
- [Lutz Jaenicke]
-
- *) Fix buggy behaviour of BIO_get_num_renegotiates() and BIO_ctrl()
- for BIO_C_GET_WRITE_BUF_SIZE ("Stephen Hinton" <shinton@netopia.com>).
- [Lutz Jaenicke]
-
- *) Rework the configuration and shared library support for Tru64 Unix.
- The configuration part makes use of modern compiler features and
- still retains old compiler behavior for those that run older versions
- of the OS. The shared library support part includes a variant that
- uses the RPATH feature, and is available through the special
- configuration target "alpha-cc-rpath", which will never be selected
- automatically.
- [Tim Mooney <mooney@dogbert.cc.ndsu.NoDak.edu> via Richard Levitte]
-
- *) In ssl3_get_key_exchange (ssl/s3_clnt.c), call ssl3_get_message()
- with the same message size as in ssl3_get_certificate_request().
- Otherwise, if no ServerKeyExchange message occurs, CertificateRequest
- messages might inadvertently be reject as too long.
- [Petr Lampa <lampa@fee.vutbr.cz>]
-
- *) Enhanced support for IA-64 Unix platforms (well, Linux and HP-UX).
- [Andy Polyakov]
-
- *) Modified SSL library such that the verify_callback that has been set
- specificly for an SSL object with SSL_set_verify() is actually being
- used. Before the change, a verify_callback set with this function was
- ignored and the verify_callback() set in the SSL_CTX at the time of
- the call was used. New function X509_STORE_CTX_set_verify_cb() introduced
- to allow the necessary settings.
- [Lutz Jaenicke]
-
- *) Initialize static variable in crypto/dsa/dsa_lib.c and crypto/dh/dh_lib.c
- explicitly to NULL, as at least on Solaris 8 this seems not always to be
- done automatically (in contradiction to the requirements of the C
- standard). This made problems when used from OpenSSH.
- [Lutz Jaenicke]
-
- *) In OpenSSL 0.9.6a and 0.9.6b, crypto/dh/dh_key.c ignored
- dh->length and always used
-
- BN_rand_range(priv_key, dh->p).
-
- BN_rand_range() is not necessary for Diffie-Hellman, and this
- specific range makes Diffie-Hellman unnecessarily inefficient if
- dh->length (recommended exponent length) is much smaller than the
- length of dh->p. We could use BN_rand_range() if the order of
- the subgroup was stored in the DH structure, but we only have
- dh->length.
-
- So switch back to
-
- BN_rand(priv_key, l, ...)
-
- where 'l' is dh->length if this is defined, or BN_num_bits(dh->p)-1
- otherwise.
- [Bodo Moeller]
-
- *) In
-
- RSA_eay_public_encrypt
- RSA_eay_private_decrypt
- RSA_eay_private_encrypt (signing)
- RSA_eay_public_decrypt (signature verification)
-
- (default implementations for RSA_public_encrypt,
- RSA_private_decrypt, RSA_private_encrypt, RSA_public_decrypt),
- always reject numbers >= n.
- [Bodo Moeller]
-
- *) In crypto/rand/md_rand.c, use a new short-time lock CRYPTO_LOCK_RAND2
- to synchronize access to 'locking_thread'. This is necessary on
- systems where access to 'locking_thread' (an 'unsigned long'
- variable) is not atomic.
- [Bodo Moeller]
-
- *) In crypto/rand/md_rand.c, set 'locking_thread' to current thread's ID
- *before* setting the 'crypto_lock_rand' flag. The previous code had
- a race condition if 0 is a valid thread ID.
- [Travis Vitek <vitek@roguewave.com>]
-
- *) Add support for shared libraries under Irix.
- [Albert Chin-A-Young <china@thewrittenword.com>]
-
- *) Add configuration option to build on Linux on both big-endian and
- little-endian MIPS.
- [Ralf Baechle <ralf@uni-koblenz.de>]
-
- *) Add the possibility to create shared libraries on HP-UX.
- [Richard Levitte]
-
- Changes between 0.9.6a and 0.9.6b [9 Jul 2001]
-
- *) Change ssleay_rand_bytes (crypto/rand/md_rand.c)
- to avoid a SSLeay/OpenSSL PRNG weakness pointed out by
- Markku-Juhani O. Saarinen <markku-juhani.saarinen@nokia.com>:
- PRNG state recovery was possible based on the output of
- one PRNG request appropriately sized to gain knowledge on
- 'md' followed by enough consecutive 1-byte PRNG requests
- to traverse all of 'state'.
-
- 1. When updating 'md_local' (the current thread's copy of 'md')
- during PRNG output generation, hash all of the previous
- 'md_local' value, not just the half used for PRNG output.
-
- 2. Make the number of bytes from 'state' included into the hash
- independent from the number of PRNG bytes requested.
-
- The first measure alone would be sufficient to avoid
- Markku-Juhani's attack. (Actually it had never occurred
- to me that the half of 'md_local' used for chaining was the
- half from which PRNG output bytes were taken -- I had always
- assumed that the secret half would be used.) The second
- measure makes sure that additional data from 'state' is never
- mixed into 'md_local' in small portions; this heuristically
- further strengthens the PRNG.
- [Bodo Moeller]
-
- *) Fix crypto/bn/asm/mips3.s.
- [Andy Polyakov]
-
- *) When only the key is given to "enc", the IV is undefined. Print out
- an error message in this case.
- [Lutz Jaenicke]
-
- *) Handle special case when X509_NAME is empty in X509 printing routines.
- [Steve Henson]
-
- *) In dsa_do_verify (crypto/dsa/dsa_ossl.c), verify that r and s are
- positive and less than q.
- [Bodo Moeller]
-
- *) Don't change *pointer in CRYPTO_add_lock() is add_lock_callback is
- used: it isn't thread safe and the add_lock_callback should handle
- that itself.
- [Paul Rose <Paul.Rose@bridge.com>]
-
- *) Verify that incoming data obeys the block size in
- ssl3_enc (ssl/s3_enc.c) and tls1_enc (ssl/t1_enc.c).
- [Bodo Moeller]
-
- *) Fix OAEP check.
- [Ulf Möller, Bodo Möller]
-
- *) The countermeasure against Bleichbacher's attack on PKCS #1 v1.5
- RSA encryption was accidentally removed in s3_srvr.c in OpenSSL 0.9.5
- when fixing the server behaviour for backwards-compatible 'client
- hello' messages. (Note that the attack is impractical against
- SSL 3.0 and TLS 1.0 anyway because length and version checking
- means that the probability of guessing a valid ciphertext is
- around 2^-40; see section 5 in Bleichenbacher's CRYPTO '98
- paper.)
-
- Before 0.9.5, the countermeasure (hide the error by generating a
- random 'decryption result') did not work properly because
- ERR_clear_error() was missing, meaning that SSL_get_error() would
- detect the supposedly ignored error.
-
- Both problems are now fixed.
- [Bodo Moeller]
-
- *) In crypto/bio/bf_buff.c, increase DEFAULT_BUFFER_SIZE to 4096
- (previously it was 1024).
- [Bodo Moeller]
-
- *) Fix for compatibility mode trust settings: ignore trust settings
- unless some valid trust or reject settings are present.
- [Steve Henson]
-
- *) Fix for blowfish EVP: its a variable length cipher.
- [Steve Henson]
-
- *) Fix various bugs related to DSA S/MIME verification. Handle missing
- parameters in DSA public key structures and return an error in the
- DSA routines if parameters are absent.
- [Steve Henson]
-
- *) In versions up to 0.9.6, RAND_file_name() resorted to file ".rnd"
- in the current directory if neither $RANDFILE nor $HOME was set.
- RAND_file_name() in 0.9.6a returned NULL in this case. This has
- caused some confusion to Windows users who haven't defined $HOME.
- Thus RAND_file_name() is changed again: e_os.h can define a
- DEFAULT_HOME, which will be used if $HOME is not set.
- For Windows, we use "C:"; on other platforms, we still require
- environment variables.
-
- *) Move 'if (!initialized) RAND_poll()' into regions protected by
- CRYPTO_LOCK_RAND. This is not strictly necessary, but avoids
- having multiple threads call RAND_poll() concurrently.
- [Bodo Moeller]
-
- *) In crypto/rand/md_rand.c, replace 'add_do_not_lock' flag by a
- combination of a flag and a thread ID variable.
- Otherwise while one thread is in ssleay_rand_bytes (which sets the
- flag), *other* threads can enter ssleay_add_bytes without obeying
- the CRYPTO_LOCK_RAND lock (and may even illegally release the lock
- that they do not hold after the first thread unsets add_do_not_lock).
- [Bodo Moeller]
-
- *) Change bctest again: '-x' expressions are not available in all
- versions of 'test'.
- [Bodo Moeller]
-
- Changes between 0.9.6 and 0.9.6a [5 Apr 2001]
-
- *) Fix a couple of memory leaks in PKCS7_dataDecode()
- [Steve Henson, reported by Heyun Zheng <hzheng@atdsprint.com>]
-
- *) Change Configure and Makefiles to provide EXE_EXT, which will contain
- the default extension for executables, if any. Also, make the perl
- scripts that use symlink() to test if it really exists and use "cp"
- if it doesn't. All this made OpenSSL compilable and installable in
- CygWin.
- [Richard Levitte]
-
- *) Fix for asn1_GetSequence() for indefinite length constructed data.
- If SEQUENCE is length is indefinite just set c->slen to the total
- amount of data available.
- [Steve Henson, reported by shige@FreeBSD.org]
- [This change does not apply to 0.9.7.]
-
- *) Change bctest to avoid here-documents inside command substitution
- (workaround for FreeBSD /bin/sh bug).
- For compatibility with Ultrix, avoid shell functions (introduced
- in the bctest version that searches along $PATH).
- [Bodo Moeller]
-
- *) Rename 'des_encrypt' to 'des_encrypt1'. This avoids the clashes
- with des_encrypt() defined on some operating systems, like Solaris
- and UnixWare.
- [Richard Levitte]
-
- *) Check the result of RSA-CRT (see D. Boneh, R. DeMillo, R. Lipton:
- On the Importance of Eliminating Errors in Cryptographic
- Computations, J. Cryptology 14 (2001) 2, 101-119,
- http://theory.stanford.edu/~dabo/papers/faults.ps.gz).
- [Ulf Moeller]
-
- *) MIPS assembler BIGNUM division bug fix.
- [Andy Polyakov]
-
- *) Disabled incorrect Alpha assembler code.
- [Richard Levitte]
-
- *) Fix PKCS#7 decode routines so they correctly update the length
- after reading an EOC for the EXPLICIT tag.
- [Steve Henson]
- [This change does not apply to 0.9.7.]
-
- *) Fix bug in PKCS#12 key generation routines. This was triggered
- if a 3DES key was generated with a 0 initial byte. Include
- PKCS12_BROKEN_KEYGEN compilation option to retain the old
- (but broken) behaviour.
- [Steve Henson]
-
- *) Enhance bctest to search for a working bc along $PATH and print
- it when found.
- [Tim Rice <tim@multitalents.net> via Richard Levitte]
-
- *) Fix memory leaks in err.c: free err_data string if necessary;
- don't write to the wrong index in ERR_set_error_data.
- [Bodo Moeller]
-
- *) Implement ssl23_peek (analogous to ssl23_read), which previously
- did not exist.
- [Bodo Moeller]
-
- *) Replace rdtsc with _emit statements for VC++ version 5.
- [Jeremy Cooper <jeremy@baymoo.org>]
-
- *) Make it possible to reuse SSLv2 sessions.
- [Richard Levitte]
-
- *) In copy_email() check for >= 0 as a return value for
- X509_NAME_get_index_by_NID() since 0 is a valid index.
- [Steve Henson reported by Massimiliano Pala <madwolf@opensca.org>]
-
- *) Avoid coredump with unsupported or invalid public keys by checking if
- X509_get_pubkey() fails in PKCS7_verify(). Fix memory leak when
- PKCS7_verify() fails with non detached data.
- [Steve Henson]
-
- *) Don't use getenv in library functions when run as setuid/setgid.
- New function OPENSSL_issetugid().
- [Ulf Moeller]
-
- *) Avoid false positives in memory leak detection code (crypto/mem_dbg.c)
- due to incorrect handling of multi-threading:
-
- 1. Fix timing glitch in the MemCheck_off() portion of CRYPTO_mem_ctrl().
-
- 2. Fix logical glitch in is_MemCheck_on() aka CRYPTO_is_mem_check_on().
-
- 3. Count how many times MemCheck_off() has been called so that
- nested use can be treated correctly. This also avoids
- inband-signalling in the previous code (which relied on the
- assumption that thread ID 0 is impossible).
- [Bodo Moeller]
-
- *) Add "-rand" option also to s_client and s_server.
- [Lutz Jaenicke]
-
- *) Fix CPU detection on Irix 6.x.
- [Kurt Hockenbury <khockenb@stevens-tech.edu> and
- "Bruce W. Forsberg" <bruce.forsberg@baesystems.com>]
-
- *) Fix X509_NAME bug which produced incorrect encoding if X509_NAME
- was empty.
- [Steve Henson]
- [This change does not apply to 0.9.7.]
-
- *) Use the cached encoding of an X509_NAME structure rather than
- copying it. This is apparently the reason for the libsafe "errors"
- but the code is actually correct.
- [Steve Henson]
-
- *) Add new function BN_rand_range(), and fix DSA_sign_setup() to prevent
- Bleichenbacher's DSA attack.
- Extend BN_[pseudo_]rand: As before, top=1 forces the highest two bits
- to be set and top=0 forces the highest bit to be set; top=-1 is new
- and leaves the highest bit random.
- [Ulf Moeller, Bodo Moeller]
-
- *) In the NCONF_...-based implementations for CONF_... queries
- (crypto/conf/conf_lib.c), if the input LHASH is NULL, avoid using
- a temporary CONF structure with the data component set to NULL
- (which gives segmentation faults in lh_retrieve).
- Instead, use NULL for the CONF pointer in CONF_get_string and
- CONF_get_number (which may use environment variables) and directly
- return NULL from CONF_get_section.
- [Bodo Moeller]
-
- *) Fix potential buffer overrun for EBCDIC.
- [Ulf Moeller]
-
- *) Tolerate nonRepudiation as being valid for S/MIME signing and certSign
- keyUsage if basicConstraints absent for a CA.
- [Steve Henson]
-
- *) Make SMIME_write_PKCS7() write mail header values with a format that
- is more generally accepted (no spaces before the semicolon), since
- some programs can't parse those values properly otherwise. Also make
- sure BIO's that break lines after each write do not create invalid
- headers.
- [Richard Levitte]
-
- *) Make the CRL encoding routines work with empty SEQUENCE OF. The
- macros previously used would not encode an empty SEQUENCE OF
- and break the signature.
- [Steve Henson]
- [This change does not apply to 0.9.7.]
-
- *) Zero the premaster secret after deriving the master secret in
- DH ciphersuites.
- [Steve Henson]
-
- *) Add some EVP_add_digest_alias registrations (as found in
- OpenSSL_add_all_digests()) to SSL_library_init()
- aka OpenSSL_add_ssl_algorithms(). This provides improved
- compatibility with peers using X.509 certificates
- with unconventional AlgorithmIdentifier OIDs.
- [Bodo Moeller]
-
- *) Fix for Irix with NO_ASM.
- ["Bruce W. Forsberg" <bruce.forsberg@baesystems.com>]
-
- *) ./config script fixes.
- [Ulf Moeller, Richard Levitte]
-
- *) Fix 'openssl passwd -1'.
- [Bodo Moeller]
-
- *) Change PKCS12_key_gen_asc() so it can cope with non null
- terminated strings whose length is passed in the passlen
- parameter, for example from PEM callbacks. This was done
- by adding an extra length parameter to asc2uni().
- [Steve Henson, reported by <oddissey@samsung.co.kr>]
-
- *) Fix C code generated by 'openssl dsaparam -C': If a BN_bin2bn
- call failed, free the DSA structure.
- [Bodo Moeller]
-
- *) Fix to uni2asc() to cope with zero length Unicode strings.
- These are present in some PKCS#12 files.
- [Steve Henson]
-
- *) Increase s2->wbuf allocation by one byte in ssl2_new (ssl/s2_lib.c).
- Otherwise do_ssl_write (ssl/s2_pkt.c) will write beyond buffer limits
- when writing a 32767 byte record.
- [Bodo Moeller; problem reported by Eric Day <eday@concentric.net>]
-
- *) In RSA_eay_public_{en,ed}crypt and RSA_eay_mod_exp (rsa_eay.c),
- obtain lock CRYPTO_LOC