Commit graph

347 commits

Author SHA1 Message Date
Dr. Stephen Henson
a9f4ebd753 Fix error discrepancy.
We can't rename ssleay_rand_bytes to md_rand_bytes_lock as this will cause
an error code discrepancy. Instead keep ssleay_rand_bytes and add an
extra parameter: since ssleay_rand_bytes is not part of the public API
this wont cause any binary compatibility issues.
Reviewed-by: Kurt Roeckx <kurt@openssl.org >
(cherry picked from commit 8068a675a7d1a657c54546f24e673e59e6707f03)
2014-08-01 18:42:40 +01:00
Dr. Stephen Henson
2a9023f7b4 Avoid multiple lock using FIPS DRBG.
Don't use multiple locks when SP800-90 DRBG is used outside FIPS mode.

PR#3176
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit a3efe1b6e9)
2014-07-30 21:09:20 +01:00
Jakub Wilk
5c52c04650 Create ~/.rnd with mode 0600 instead of 0666
Because of a missing include <fcntl.h> we don't have O_CREATE and don't create
the file with open() using mode 0600 but fall back to using fopen() with the
default umask followed by a chmod().

Problem found by Jakub Wilk <jwilk@debian.org>.
2014-06-08 21:25:43 +01:00
Dr. Stephen Henson
5be1ae28ef Return if ssleay_rand_add called with zero num.
Treat a zero length passed to ssleay_rand_add a no op: the existing logic
zeroes the md value which is very bad. OpenSSL itself never does this
internally and the actual call doesn't make sense as it would be passing
zero bytes of entropy.

Thanks to Marcus Meissner <meissner@suse.de> for reporting this bug.
2014-04-07 17:53:31 +01:00
Dr. Stephen Henson
caf55bfacf Avoid Windows 8 Getversion deprecated errors.
Windows 8 SDKs complain that GetVersion() is deprecated.

We only use GetVersion like this:

	(GetVersion() < 0x80000000)

which checks if the Windows version is NT based. Use a macro check_winnt()
which uses GetVersion() on older SDK versions and true otherwise.
(cherry picked from commit a4cc3c8041)
2014-02-25 13:42:25 +00:00
Dr. Stephen Henson
c776a3f398 make update 2014-01-06 13:33:27 +00:00
Dr. Stephen Henson
f1068a1ab7 Get FIPS checking logic right.
We need to lock when *not* in FIPS mode.
(cherry picked from commit 57c4e42d75)
2013-12-10 12:54:55 +00:00
Dr. Stephen Henson
60df657b3a make update 2013-12-08 13:23:14 +00:00
Dr. Stephen Henson
17a2d0801f Avoid multiple locks in FIPS mode.
PR: 3176.

In FIPS mode ssleay_rand_bytes is only used for PRNG seeding and is
performed in either a single threaded context (when the PRNG is first
initialised) or under a lock (reseeding). To avoid multiple locks disable
use of CRYPTO_LOCK_RAND in FIPS mode in ssleay_rand_bytes.
(cherry picked from commit 53142f72c9b9c9bad2f39ca6200a4f04f5c8001c)
2013-12-08 13:23:14 +00:00
Dr. Stephen Henson
a4870de5aa Disable Dual EC DRBG.
Return an error if an attempt is made to enable the Dual EC DRBG: it
is not used by default.
2013-09-22 18:24:12 +01:00
Dr. Stephen Henson
7a217076d9 PR: 2786
Reported by: Tomas Mraz <tmraz@redhat.com>

Treat a NULL value passed to drbg_free_entropy callback as non-op. This
can happen if the call to fips_get_entropy fails.
2012-08-22 22:42:04 +00:00
Dr. Stephen Henson
7175dbaeba Revert "version skew" patches that break FIPS compilation. 2012-06-09 23:35:34 +00:00
Ben Laurie
af454b5bb0 Reduce version skew. 2012-06-08 09:18:47 +00:00
Andy Polyakov
4fb7e2b445 Fix OPNESSL vs. OPENSSL typos [from HEAD].
PR: 2613
Submitted by: Leena Heino
2012-01-15 13:40:21 +00:00
Dr. Stephen Henson
62308f3f4a PR: 2563
Submitted by: Paul Green <Paul.Green@stratus.com>
Reviewed by: steve

Improved PRNG seeding for VOS.
2011-12-19 17:02:35 +00:00
Dr. Stephen Henson
36f120cd20 Improved error checking for DRBG calls.
New functionality to allow default DRBG type to be set during compilation or during runtime.
2011-09-16 23:12:34 +00:00
Dr. Stephen Henson
c24367ebb9 Don't set FIPS rand method at same time as RAND method as this can cause
the FIPS library to fail. Applications that want to set the FIPS rand
method can do so explicitly and presumably they know what they are doing...
2011-06-21 17:08:25 +00:00
Dr. Stephen Henson
b0b3d09063 Set rand method in FIPS_mode_set() not in rand library. 2011-06-13 21:18:00 +00:00
Dr. Stephen Henson
0ede2af7a0 Redirect RAND to FIPS module in FIPS mode. 2011-06-13 20:40:52 +00:00
Dr. Stephen Henson
7207eca1ee The first of many changes to make OpenSSL 1.0.1 FIPS capable.
Add static build support to openssl utility.

Add new "fips" option to Configure.

Make use of installed fipsld and fips_standalone_sha1

Initialise FIPS error callbacks, locking and DRBG.

Doesn't do anything much yet: no crypto is redirected to the FIPS module.

Doesn't completely build either but the openssl utility can enter FIPS mode:
which doesn't do anything much either.
2011-05-26 14:19:19 +00:00
Richard Levitte
01d2e27a2b Apply all the changes submitted by Steven M. Schweda <sms@antinode.info> 2011-03-19 09:47:47 +00:00
Dr. Stephen Henson
c3ee90d8ca FIPS mode changes to make RNG compile (this will need updating later as we
need a whole new PRNG for FIPS).

1. avoid use of ERR_peek().

2. If compiling with FIPS use small FIPS EVP and disable ENGINE
2011-01-26 14:55:23 +00:00
Dr. Stephen Henson
1bfe9acbbf PR: 2372
Submitted by: "W.C.A. Wijngaards" <wouter@nlnetlabs.nl>
Reviewed by: steve

Fix OpenBSD compilation failure.
2010-11-18 12:29:38 +00:00
Andy Polyakov
b29b89ef21 rand_nw.c: compensate for gcc bug (using %edx instead of %eax at -O3)
[from HEAD].
PR: 2296
2010-07-08 09:15:49 +00:00
Dr. Stephen Henson
daac87be95 clarify comment 2010-06-16 13:17:22 +00:00
Dr. Stephen Henson
e97359435e Fix warnings (From HEAD, original patch by Ben). 2010-06-15 17:25:15 +00:00
Andy Polyakov
162de2f2b5 rand_win.c: fix logical bug in readscreen [from HEAD]. 2010-03-22 22:44:35 +00:00
Dr. Stephen Henson
9051fc538f PR: 2100
Submitted by: James Baker <jbaker@tableausoftware.com> et al.

Workaround for slow Heap32Next on some versions of Windows.
2010-02-17 14:32:25 +00:00
Dr. Stephen Henson
1cdb7854a5 PR: 2138
Submitted by: Kevin Regan <k.regan@f5.com>

Clear stat structure if -DPURIFY is set to avoid problems on some
platforms which include unitialised fields.
2010-01-26 18:07:41 +00:00
Andy Polyakov
a238d7d1eb rand_win.c: handel GetTickCount wrap-around [from HEAD]. 2010-01-19 21:44:07 +00:00
Dr. Stephen Henson
5e56584285 Don't use __try+__except unless on VC++ 2009-09-20 12:39:16 +00:00
Dr. Stephen Henson
2475a52061 Update from 0.9.8-stable. 2009-07-24 13:47:52 +00:00
Dr. Stephen Henson
5bb9e1b4d4 Update from HEAD. 2009-06-15 11:23:33 +00:00
Dr. Stephen Henson
346b1001eb PR: 1903
Submitted by: "Paul Smedley" <pauldespam@despamsmedley.id.au>
Approved by: steve@openssl.org

OS/2 fixes (excludes Makefile.shared patch for now).
2009-04-22 16:21:20 +00:00
Dr. Stephen Henson
8681c66eec PR: 1890
Submitted by: "Green, Paul" <Paul.Green@stratus.com>
Approved by: steve@openssl.org

Fixes to --with-zlib-include and --with-zlib-lib and init PRNG for VOS.
2009-04-06 14:31:36 +00:00
Ben Laurie
b3f3407850 Use new common flags and fix resulting warnings. 2009-02-15 14:08:51 +00:00
Richard Levitte
792bbc2374 VMS stuff I forgot... 2009-01-03 09:25:32 +00:00
Andy Polyakov
e527201f6b This _WIN32-specific patch makes it possible to "wrap" OpenSSL in another
.DLL, in particular static build. The issue has been discussed in RT#1230
and later on openssl-dev, and mutually exclusive approaches were suggested.
This completes compromise solution suggested in RT#1230.
PR: 1230
2008-12-22 13:54:12 +00:00
Andy Polyakov
2fbc8a2aad Revert commit #17603, it should have been part of #17617. 2008-11-12 07:27:36 +00:00
Geoff Thorpe
6343829a39 Revert the size_t modifications from HEAD that had led to more
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
2008-11-12 03:58:08 +00:00
Dr. Stephen Henson
0afc9f5bc0 PR: 1777
Submitted by: "Alon Bar-Lev" <alon.barlev@gmail.com>
Approved by: steve@openssl.org

Fix some size_t issues.
2008-11-05 23:14:32 +00:00
Ben Laurie
d40a1b865f Only one of these needs to be signed. 2008-11-04 15:16:23 +00:00
Dr. Stephen Henson
f2c0230518 Not sure about this one... seems to be needed to make 64 bit release
builds work properly...
2008-11-02 18:29:27 +00:00
Ben Laurie
5e4430e70d More size_tification. 2008-11-01 16:40:37 +00:00
Andy Polyakov
e6b4578540 randfile.c: .rnd can become orphaned on VMS.
Submitted by: David North
2008-10-28 16:25:47 +00:00
Geoff Thorpe
4c3296960d Remove the dual-callback scheme for numeric and pointer thread IDs,
deprecate the original (numeric-only) scheme, and replace with the
CRYPTO_THREADID object. This hides the platform-specifics and should reduce
the possibility for programming errors (where failing to explicitly check
both thread ID forms could create subtle, platform-specific bugs).

Thanks to Bodo, for invaluable review and feedback.
2008-08-06 15:54:15 +00:00
Geoff Thorpe
5f834ab123 Revert my earlier CRYPTO_THREADID commit, I will commit a reworked
version some time soon.
2008-07-03 19:59:25 +00:00
Ben Laurie
5ce278a77b More type-checking. 2008-06-04 11:01:43 +00:00
Lutz Jänicke
3de5a7745f Correctly adjust location of comment
Submitted by: Ben Laurie <ben@links.org>
2008-05-20 08:10:48 +00:00
Lutz Jänicke
8b99c79fae Another occurance of possible valgrind/purify "uninitialized memory"
complaint related to the PRNG: with PURIFY policy don't feed uninitialized
memory into the PRNG.

Submitted by: Bodo Moeller <bmoeller@openssl.org> :-)
2008-05-16 07:14:26 +00:00