Commit graph

74 commits

Author SHA1 Message Date
Dr. Stephen Henson
6be00c7e16 More FIPS algorithm blocking.
Catch attempted use of non FIPS algorithms with HMAC.

Give an assertion error for applications that ignore FIPS digest errors.

Make -non-fips-allow work with dgst and HMAC.
2005-01-27 01:49:42 +00:00
Dr. Stephen Henson
d0edffc7da FIPS algorithm blocking.
Non FIPS algorithms are not normally allowed in FIPS mode.

Any attempt to use them via high level functions will return an error.

The low level non-FIPS algorithm functions cannot return errors so they
produce assertion failures. HMAC also has to give an assertion error because
it (erroneously) can't return an error either.

There are exceptions (such as MD5 in TLS and non cryptographic use of
algorithms) and applications can override the blocking and use non FIPS
algorithms anyway.

For low level functions the override is perfomed by prefixing the algorithm
initalization function with "private_" for example private_MD5_Init().

For high level functions an override is performed by setting a flag in
the context.
2005-01-26 20:00:40 +00:00
Richard Levitte
7f9c37457a To protect FIPS-related global variables, add locking mechanisms
around them.

NOTE: because two new locks are added, this adds potential binary
incompatibility with earlier versions in the 0.9.7 series.  However,
those locks will only ever be touched when FIPS_mode_set() is called
and after, thanks to a variable that's only changed from 0 to 1 once
(when FIPS_mode_set() is called).  So basically, as long as FIPS mode
hasn't been engaged explicitely by the calling application, the new
locks are treated as if they didn't exist at all, thus not becoming a
problem.  Applications that are built or rebuilt to use FIPS
functionality will need to be recompiled in any case, thus not being a
problem either.
2004-07-30 14:38:02 +00:00
Richard Levitte
5c72869563 Add a static lock called HWCRHK, for the case of having an application
that wants to use the hw_ncipher engine without having given any
callbacks for the dynamic type of locks.
2002-12-12 17:41:36 +00:00
Richard Levitte
a067cba35b Windows CE updates, contributed by Steven Reddie <smr@essemer.com.au> 2002-12-03 14:21:32 +00:00
Richard Levitte
0a3af9a403 Add OPENSSL_cleanse() to help cleanse memory and avoid certain compiler
and linker optimizations.
PR: 343
2002-11-27 12:25:52 +00:00
Richard Levitte
29ca164513 WinCE patches 2002-11-15 22:44:08 +00:00
Richard Levitte
f6a0c4f853 Make OpenSSLdie() visible (it's a must to get a proper reference in
libeay.num).
2002-11-13 11:35:12 +00:00
Ben Laurie
9831d941ca Many security improvements (CHATS) and a warning fix. 2002-11-12 13:23:40 +00:00
Bodo Möller
4e33db9a3f really fix race condition
PR: 262
2002-09-23 14:28:12 +00:00
Bodo Möller
384eff877c Fix apps/openssl.c and ssl/ssltest.c so that they use
CRYPTO_set_mem_debug_options() instead of CRYPTO_dbg_set_options(),
which is the default implementation of the former and should usually
not be directly used by applications (at least if we assume that the
options accepted by the default implementation will also be meaningful
to any other implementations).

Also fix apps/openssl.c and ssl/ssltest such that environment variable
setting 'OPENSSL_DEBUG_MEMORY=off' actively disables the compiled-in
library defaults (i.e. such that CRYPTO_MDEBUG is ignored in this
case).
2001-09-10 09:50:30 +00:00
Bodo Möller
78f7923580 Totally get rid of CRYPTO_LOCK_ERR_HASH.
In err.c, flags int_error_hash_set and int_thread_hash_set
appear superfluous since we can just as well initialize
int_error_hash and int_thread_hash to NULL.

Change some of the err.c formatting to conform with the rest of
OpenSSL.
2001-09-06 12:37:36 +00:00
Bodo Möller
c5de8996cc delete redundant ERR_load_CRYPTO_strings() prototype 2001-09-04 10:45:01 +00:00
Geoff Thorpe
3a0799977b First step in fixing "ex_data" support. Warning: big commit log ...
Currently, this change merely addresses where ex_data indexes are stored
and managed, and thus fixes the thread-safety issues that existed at that
level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS
and per-class index counters - all such data is stored inside ex_data.c. So
rather than passing both STACK+counter to index-management ex_data
functions, a 'class_index' is instead passed to indicate the class (eg.
CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly
and this is also thread-safe inside ex_data.c (though whether the caller
manages the return value in a thread-safe way is not addressed).

This does not change the "get/set" functions on individual "ex_data"
structures, and so thread-safety at that level isn't (yet) assured.
Likewise, the method of getting and storing per-class indexes has not
changed, so locking may still be required at the "caller" end but is
nonetheless thread-safe inside "ex_data"'s internal implementation.
Typically this occurs when code implements a new method of some kind and
stores its own per-class index in a global variable without locking the
setting and usage of that variable. If the code in question is likely to be
used in multiple threads, locking the setting and use of that index is
still up to the code in question. Possible fixes to this are being
sketched, but definitely require more major changes to the API itself than
this change undertakes.

The underlying implementation in ex_data.c has also been modularised so
that alternative "ex_data" implementations (that control all access to
state) can be plugged in. Eg. a loaded module can have its implementation
set to that of the application loaded it - the result being that
thread-safety and consistency of "ex_data" classes and indexes can be
maintained in the same place rather than the loaded module using its own
copy of ex_data support code and state.

Due to the centralisation of "state" with this change, cleanup of all
"ex_data" state can now be performed properly. Previously all allocation of
ex_data state was guaranteed to leak - and MemCheck_off() had been used to
avoid it flagging up the memory debugging. A new function has been added to
perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl"
command(s) have been changed to use this cleanup, as have the relevant test
programs. External application code may want to do so too - failure to
cleanup will not induce more memory leaking than was the case before, but
the memory debugging is not tricked into hiding it any more so it may
"appear" where it previously did not.
2001-09-01 19:56:46 +00:00
Bodo Möller
daba492c3a md_rand.c thread safety 2001-07-25 17:17:24 +00:00
Richard Levitte
a63d5eaab2 Add a general user interface API. This is designed to replace things
like des_read_password and friends (backward compatibility functions
using this new API are provided).  The purpose is to remove prompting
functions from the DES code section as well as provide for prompting
through dialog boxes in a window system and the like.
2001-05-06 23:19:37 +00:00
Richard Levitte
32654e792b One indirection level too little compared to the
pre-CRYPTO_MEM_LEAK_CB time.
2001-02-22 14:23:44 +00:00
Richard Levitte
cf1b7d9664 Make all configuration macros available for application by making
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.

I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
2001-02-19 16:06:34 +00:00
Ulf Möller
36fafffae2 New function OPENSSL_issetugid(). Needs more work. 2001-02-14 01:35:44 +00:00
Bodo Möller
673b3fde82 Add SSLEAY_DIR argument code for SSLeay_version.
Add '-d' option for 'openssl version' (included in '-a').
2001-01-10 15:15:36 +00:00
Bodo Möller
cd56182b41 Change prototypes for new CRYPTO_..._mem_ex_functions functions so
that they match the function definitions (namely, remove file/line
parameters from free_func).
2001-01-10 14:10:17 +00:00
Richard Levitte
65a22e8e4d As response to a user request to be able to use external memory
handling routines that need file name and line number information,
I've added a call level to our memory handling routines to allow that
kind of hooking.
2001-01-10 13:14:58 +00:00
Geoff Thorpe
98d517c5da Get rid of the function pointer casting in the debugging memory code due
to LHASH usage. NB: The callback type used as been suctioned off into
crypto.h as CRYPTO_MEM_LEAK_CB to improve clarity.
2001-01-09 00:13:25 +00:00
Richard Levitte
bbbc96a87e Constification of CRYPTO_get_ex_data() needed for the sake of
RSA_get_ext_data().
2000-11-06 23:24:59 +00:00
Richard Levitte
5270e7025e Merge the engine branch into the main trunk. All conflicts resolved.
At the same time, add VMS support for Rijndael.
2000-10-26 21:07:28 +00:00
Richard Levitte
9fc2570677 It's not just VMS that needs some symbols to be hacked. Let's
centralise those hacks in crypto/symhacks.h and use it everywhere it's
needed.
2000-09-07 08:18:05 +00:00
Richard Levitte
e5acb2bd2e Remove casts that are no longer needed. 2000-08-01 08:41:13 +00:00
Richard Levitte
55b7688ef5 Add the missing callback pointer handling functions.
Also, make sure empty slots of the dynamic lock stack are used.
Actually, I'm not really sure this is the right thing to do, and may
remove it, with an endlessly growing stack as result...
2000-06-19 16:38:27 +00:00
Richard Levitte
e73a6965e3 Redo the support for dynamic locks. First of all, it was terribly
insecure, so a static lock is added to isolate the sensitive parts.
Also, to avoid one thread freeing a lock that is used by another, a
reference counter is added.
2000-06-19 13:38:09 +00:00
Richard Levitte
c79223040d Add support for dynamically created and destroyed mutexes. This will
be needed in some ENGINE code, and might serve elsewhere as well.
Note that it's implemented in such a way that the locking itself is
done through the same CRYPTO_lock function as the static locks.

WARNING: This is currently experimental and untested code (it will get
tested soon, though :-)).
2000-06-18 15:59:04 +00:00
Dr. Stephen Henson
3aceb94b9e Safe stack reorganisation in terms of function casts.
After some messing around this seems to work but needs
a few more tests. Working out the syntax for sk_set_cmp_func()
(cast it to a function that itself returns a function pointer)
was painful :-(

Needs some testing to see what other compilers think of this
syntax.

Also needs similar stuff for ASN1_SET_OF etc etc.
2000-06-16 23:29:26 +00:00
Richard Levitte
26a3a48d65 There have been a number of complaints from a number of sources that names
like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other packages.  That is reason enough to change
the names of the OpenSSL memory allocation macros to something that has a
better chance of being unique, like prepending them with OPENSSL_.

This change includes all the name changes needed throughout all C files.
2000-06-01 22:19:21 +00:00
Geoff Thorpe
7edd20916a "make update" + stripping the type-specific stack functions out of
libeay.num and ssleay.num.
2000-06-01 06:07:19 +00:00
Ulf Möller
f3e9b338e0 is needed. 2000-06-01 00:27:59 +00:00
Ulf Möller
78e2426859 #include <stdlib.h> is not needed. 2000-05-31 22:13:59 +00:00
Bodo Möller
2ace287dea Move Windows seeding functions into a separate file.
They have nothing to do with the particular PRNG (md_rand.c).
2000-05-31 12:48:35 +00:00
Ulf Möller
0c109ea2cb prototype. 2000-05-15 21:02:44 +00:00
Richard Levitte
6596268675 In Message-ID: <003201bfb332$14a07520$0801a8c0@janm.transactionsite.com>,
"Jan Mikkelsen" <janm@transactionsite.com> correctly states that the
OpenSSL header files have #include's and extern "C"'s in an incorrect
order.  Thusly fixed.

Also, make the memory debugging routines defined and declared with
prototypes, and use void* instead of char* for memory blobs.

And last of all, redo the ugly callback construct for elegance and
better definition (with prototypes).
2000-05-02 13:36:50 +00:00
Geoff Thorpe
9ec0126ed2 This commit ties the new DSO code (crypto/dso/) into the build for a
variety of platforms. A few are missing, and they will be added in
eventually, but as this is new stuff, it was better to not break lots of
platforms in one go that we can't easily test. The changes to "Configure"
should illustrate how to add support to other systems if you feel like
having a go.

NB: I'll add something shortly to allow you to add "dlfcn.h" support on
those platforms that don't have (or need) a dlfcn.h header file. (The
symbol for Configure will probably by "dlfcn_no_h").

Thanks to Richard Levitte, who is responsible for the dso_dl.c support,
understanding the trickier aspects of the build process, and giving great
feedback on everything else.

[Don't use this stuff if you're easily offended by changes to the
interface or behaviour - it's still work in progress.]

PR:
2000-04-04 22:32:19 +00:00
Richard Levitte
c29b6d560b Since a stack with quite long name is declared here, vms_idhacks.h is
also needed to get around C compilers on VMS that set the symbol limit
to 31 characters.  Bot the macros VMS and __VMS are checked, since
there's no real way to know if e_os.h has been included yet.
2000-02-26 00:01:16 +00:00
Ralf S. Engelschall
667ac4ec6a Make gcc 2.95.2 happy again, even under ``-Wall -Wshadow -Wpointer-arith -Wcast-align
-Wmissing-prototypes -Wmissing-declarations -Wnested-externs -Winline''.
2000-02-11 09:47:18 +00:00
Ulf Möller
9d1a01be8f Source code cleanups: Use void * rather than char * in lhash,
eliminate some of the -Wcast-qual warnings (debug-ben-strict target)
2000-01-30 22:20:28 +00:00
Dr. Stephen Henson
dd9d233e2a Tidy up CRYPTO_EX_DATA structures. 2000-01-23 23:41:49 +00:00
Bodo Möller
b64e735b08 add V_CRYPTO_MDEBUG_ALL
Submitted by:
Reviewed by:
PR:
2000-01-07 10:50:54 +00:00
Dr. Stephen Henson
3d14b9d04a Add support for MS "fast SGC". 2000-01-02 18:52:58 +00:00
Bodo Möller
2b6313d0da Rename
CRYPTO_add_info    => CRYPTO_push_info
   CRYPTO_remove_info => CRYPTO_pop_info
in the hope that these names are more descriptive;
and "make update".
1999-12-18 13:51:47 +00:00
Bodo Möller
75acc288ca fix typos and other little errors ... 1999-12-18 13:25:45 +00:00
Bodo Möller
0cd08cce17 - Don't assume that int and size_t have the same representation
(and that malloc can be called with an int argument).
- Use proper prototypes (with argument list) for various function pointers,
  avoid casts  (however there are still many such cases left in these files).
- Avoid collissions in app_info_cmp if sizeof int != sizeof long.
- Use CRYPTO_LOCK_MALLOC in mem_dbg.c.
1999-12-18 05:22:50 +00:00
Richard Levitte
f3a2a04496 - Added more documentation in CHANGES.
- Made CRYPTO_MDEBUG even less used in crypto.h, giving
   MemCheck_start() and MemCheck_stop() only one possible definition.
 - Made the values of the debug function pointers in mem.c dependent
   on the existence of the CRYPTO_MDEBUG macro, and made the rest of
   the code understand the NULL case.

That's it.  With this code, the old behvior of the debug functionality
is restored, but you can still opt to have it on, even when the
library wasn't compiled with a defined CRYPTO_MDEBUG.
1999-12-18 02:34:37 +00:00
Richard Levitte
d8df48a9bc - Made sure some changed behavior is documented in CHANGES.
- Moved the handling of compile-time defaults from crypto.h to
   mem_dbg.c, since it doesn't make sense for the library users to try
   to affect this without recompiling libcrypto.
 - Made sure V_CRYPTO_MDEBUG_TIME and V_CRYPTO_MDEBUG_THREAD had clear
   and constant definitions.
 - Aesthetic correction.
1999-12-18 01:14:39 +00:00