wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
10471 commits 20 branches 302 tags 153 MiB
Commit graph

10471 commits

This branch
This branch
All branches
Author SHA1 Message Date
Dr. Stephen Henson
1b2047c5c0 Don't round up partitioned premaster secret length if there is only one 
digest in use: this caused the PRF to fail for an odd premaster secret
length.
 2011-05-31 10:34:43 +00:00
Dr. Stephen Henson
eda3766b53 Output supported curves in preference order instead of numerically. 2011-05-30 17:58:13 +00:00
Andy Polyakov
62b6c5c404 e_aes.c: fix typo. 2011-05-30 10:13:42 +00:00
Andy Polyakov
e76cbcf686 e_aes.c: fix aes_cfb1_cipher. 2011-05-30 10:10:05 +00:00
Andy Polyakov
d1fff483d6 e_aes.c: integrate AESNI directly into EVP. 2011-05-30 09:16:01 +00:00
Andy Polyakov
8da721ee2b aesni-x86[_64].pl: relax alignment requirement. 2011-05-30 09:15:16 +00:00
Dr. Stephen Henson
3e2e231852 Add more cipher prototypes. 2011-05-29 16:16:55 +00:00
Dr. Stephen Henson
87829ac926 Prototypes for more FIPS functions for use in FIPS capable OpenSSL. 2011-05-29 15:56:23 +00:00
Andy Polyakov
fe9a5107be Various mingw64 fixes. 2011-05-29 13:51:14 +00:00
Andy Polyakov
afa4b38671 sha1-586|x86_64.pl: minor portability fix. 2011-05-29 13:48:57 +00:00
Andy Polyakov
18f5603c53 x86cpuid.pl: last commit broke platforms with perl with 64-bit integer. 2011-05-29 12:50:02 +00:00
Andy Polyakov
0c149802a2 sha1-586|x86_64.pl: add SSSE3 and AVX code paths. 2011-05-29 12:39:48 +00:00
Dr. Stephen Henson
c33066900c Add FIPS_digestinit prototype for FIPS capable OpenSSL. 2011-05-28 23:02:23 +00:00
Dr. Stephen Henson
f87ff24bc4 Add prototypes for FIPS EVP implementations: for use in FIPS capable 
OpenSSL.
 2011-05-28 21:03:31 +00:00
Andy Polyakov
cf3aeae419 aes-ppc.pl: handle unaligned data on page boundaries. 2011-05-28 09:41:36 +00:00
Dr. Stephen Henson
9a205e5981 Rename many internal only module functions from FIPS_* to fips_*. 2011-05-27 21:11:54 +00:00
Andy Polyakov
f44cb15fab rc4-x86_64.pl: fix due credit. 2011-05-27 18:58:37 +00:00
Andy Polyakov
986289604e rc4-x86_64.pl: RC4_options fix-up. 2011-05-27 16:15:12 +00:00
Andy Polyakov
4bb90087d7 x86[_64]cpuid.pl: harmonize usage of reserved bits #20 and #30. 2011-05-27 15:32:43 +00:00
Andy Polyakov
6715034002 PPC assembler pack: adhere closer to ABI specs, add PowerOpen traceback data. 2011-05-27 13:32:34 +00:00
Andy Polyakov
0ca9a483af rc4-x86_64.pl: major optimization for contemporary Intel CPUs. 2011-05-27 09:51:09 +00:00
Andy Polyakov
0dff8ba248 rc4-586.pl: optimize even further... 2011-05-27 09:46:19 +00:00
Dr. Stephen Henson
eb62cd807b Typo. 2011-05-26 22:01:49 +00:00
Dr. Stephen Henson
64f5178d67 Use FIPSLD_LIBCRYPTO for consistency with other env variables in fipsld. 
Use current directory for fips_premain_dso
 2011-05-26 21:20:14 +00:00
Dr. Stephen Henson
e558c2aa3f In fipsld use FIPSLIBCRYPTO environment variable to specify an alternative 
location for libcrypto.a, support shared library builds in different
source tree.
 2011-05-26 21:15:45 +00:00
Dr. Stephen Henson
ed0a35f222 Install fips_standalone_sha1 and make use of it in fipsld script. 2011-05-26 13:59:11 +00:00
Andy Polyakov
2bc3ad28b3 x86_64cpuid.pl: get AVX masking right. 2011-05-26 13:16:26 +00:00
Dr. Stephen Henson
d67813f878 Only install FIPS related files for fipscanisteronly build. 2011-05-26 11:00:06 +00:00
Dr. Stephen Henson
ecfe2d1753 More symbol renaming. 2011-05-25 16:01:37 +00:00
Dr. Stephen Henson
ebc5e72fe5 Don't advertise or use MD5 for TLS v1.2 in FIPS mode 2011-05-25 15:31:32 +00:00
Dr. Stephen Henson
3d52f1d52b PR: 2533 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Setting SSL_MODE_RELEASE_BUFFERS should be ignored for DTLS, but instead causes
the program to crash. This is due to missing version checks and is fixed with
this patch.
 2011-05-25 15:20:49 +00:00
Dr. Stephen Henson
fd60dfa0f2 PR: 2529 
Submitted by: Marcus Meissner <meissner@suse.de>
Reviewed by: steve

Call ssl_new() to reallocate SSL BIO internals if we want to replace
the existing internal SSL structure.
 2011-05-25 15:16:10 +00:00
Dr. Stephen Henson
be1242cbd1 PR: 2527 
Submitted by: Marcus Meissner <meissner@suse.de>
Reviewed by: steve

Set cnf to NULL to avoid possible double free.
 2011-05-25 15:05:39 +00:00
Dr. Stephen Henson
a26e245ecd Fix the ECDSA timing attack mentioned in the paper at: 
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
 2011-05-25 14:52:21 +00:00
Dr. Stephen Henson
992bdde62d Fix the ECDSA timing attack mentioned in the paper at: 
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
 2011-05-25 14:41:56 +00:00
Dr. Stephen Henson
bbcf3a9b30 Some nextproto patches broke DTLS: fix 2011-05-25 14:31:47 +00:00
Dr. Stephen Henson
006b54a8eb Oops use up to date patch for PR#2506 2011-05-25 14:30:20 +00:00
Dr. Stephen Henson
44ddb27fa6 PR: 2512 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix BIO_accept so it can be bound to IPv4 or IPv6 sockets consistently.
 2011-05-25 12:37:07 +00:00
Dr. Stephen Henson
7832d6ab1c PR: 2506 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fully implement SSL_clear for DTLS.
 2011-05-25 12:28:06 +00:00
Dr. Stephen Henson
ee4b5cebef PR: 2505 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS session resumption timer bug.
 2011-05-25 12:25:01 +00:00
Dr. Stephen Henson
238b63613b use TLS1_get_version macro to check version so TLS v1.2 changes don't interfere with DTLS 2011-05-25 11:43:07 +00:00
Andy Polyakov
87f6b97e89 e_padlock.c: fix typo. 2011-05-25 10:02:20 +00:00
Andy Polyakov
6a99984b57 rc4-586.pl: optimize unused code path. 2011-05-25 09:36:13 +00:00
Andy Polyakov
67d8487bb8 e_padlock.c: last x86_64 commit didn't work with some optimizers. 2011-05-24 17:18:19 +00:00
Andy Polyakov
760d2551fb rc4-586.pl: 50% improvement on Core2 and 80% on Westmere. 2011-05-24 13:07:29 +00:00
Dr. Stephen Henson
73ab341130 PR: 2522 
Submitted by: Henrik Grindal Bakken <henribak@cisco.com>

Don't compare past end of buffer.
 2011-05-23 12:27:43 +00:00
Andy Polyakov
62f29eb1cf spacrv9cap.c: addenum to recent EC optimizations. 2011-05-23 08:14:32 +00:00
Andy Polyakov
f8501464cc aesni-x86[_64].pl: optimize for Sandy Bridge and add XTS mode. 2011-05-22 18:38:00 +00:00
Andy Polyakov
96abea332c x86_64-gf2m.pl: add Win64 SEH. 2011-05-22 18:29:11 +00:00
Andy Polyakov
2e75ed332f ppccap.c: addenum to recent EC optimizations. 2011-05-21 10:17:02 +00:00