wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
11134 commits 20 branches 302 tags 153 MiB
Commit graph

5772 commits

Author SHA1 Message Date
Andy Polyakov
37f010e248 Add provisory support for RDRAND instruction. 2011-08-10 18:52:42 +00:00
Andy Polyakov
85ec54a417 x86_64-mont.pl: futher optimization resulting in up to 48% improvement 
(4096-bit RSA sign benchmark on Core2) in comparison to initial version
from 2005.
 2011-08-09 13:05:05 +00:00
Andy Polyakov
267b481c47 aes/asm/aesni-*.pl: fix CCM and further optimize it. 
modes/ccm128.c: minor branch optimization.
 2011-08-07 17:47:56 +00:00
Dr. Stephen Henson
8a8cc84f74 fix memory leak 2011-08-03 16:39:58 +00:00
Dr. Stephen Henson
28dd49faec Expand range of ctrls for AES GCM to support retrieval and setting of 
invocation field.

Add complete support for AES GCM ciphersuites including all those in
RFC5288 and RFC5289.
 2011-08-03 15:37:22 +00:00
Dr. Stephen Henson
3699ec6056 recognise ecdsaWithSHA1 OID 2011-07-28 14:40:01 +00:00
Andy Polyakov
2667162d33 cryptlib.c: OPENSSL_ia32cap environment variable to interpret ~ as cpuid mask. 2011-07-23 12:10:26 +00:00
Dr. Stephen Henson
1d5121552d Make sure OPENSSL_FIPSCANISTER is visible to ARM assembly language files. 2011-07-22 14:20:50 +00:00
Dr. Stephen Henson
4f275f248e stop warnings 2011-07-21 13:45:06 +00:00
Andy Polyakov
7b41f350d4 aes-ppc.pl: minor optimization favoring embedded processors (performance 
of "big" processors is unaffected).
 2011-07-20 22:16:27 +00:00
Andy Polyakov
be9a8cc2af Add RSAX builtin engine. It optimizes RSA1024 sign benchmark. 2011-07-20 21:49:46 +00:00
Dr. Stephen Henson
dafce90ae5 PR: 2559 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS socket error bug
 2011-07-20 15:22:11 +00:00
Andy Polyakov
9df286b13a sha512-sparcv9.pl: minor optimization of sha256. 2011-07-18 11:34:07 +00:00
Andy Polyakov
87873f4328 ARM assembler pack: add platform run-time detection. 2011-07-17 17:40:29 +00:00
Dr. Stephen Henson
9fe51d5f73 PR: 2556 (partial) 
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de>
Reviewed by: steve

Fix OID routines.

Check on encoding leading zero rejection should start at beginning of
encoding.

Allow for initial digit when testing when to use BIGNUMs which can increase
first value by 2 * 40.
 2011-07-14 12:01:53 +00:00
Andy Polyakov
4195a369fd perlasm/cbc.pl: fix tail processing bug. 
PR: 2557
 2011-07-13 06:20:30 +00:00
Andy Polyakov
a355cf9bf5 evp.h: add flag to distinguish AEAD ciphers and pair of control codes... 2011-07-11 13:54:53 +00:00
Andy Polyakov
6179f06077 x86_64-mont.pl: add squaring procedure and improve RSA sign performance 
by up to 38% (4096-bit benchmark on Core2).
 2011-07-05 09:21:03 +00:00
Andy Polyakov
6fa4c7c43b x86_64-xlate.pl: sha1 and md5 warnings made it to nasm 2.09, extend gnu 
assembler workaround to all assemblers.
 2011-07-04 13:10:50 +00:00
Andy Polyakov
169a274a41 sha1-x86_64.pl: nasm 2.07 screws up labels if AVX path is compiled. 2011-07-04 13:00:24 +00:00
Andy Polyakov
02a73e2bed s390x-gf2m.pl: commentary update (final performance numbers turned to be 
higher).
 2011-07-04 11:20:33 +00:00
Andy Polyakov
da5e9871e9 sha1-x86_64.pl: fix win64-specific typos and add masm support. 2011-07-01 21:23:13 +00:00
Andy Polyakov
94c64f9a1c x86_64-xlate.pl: masm-specific update. 2011-07-01 21:21:14 +00:00
Andy Polyakov
be6ddecb8b crypto/aes/Makefile: make it work on IRIX. 2011-06-28 12:55:39 +00:00
Andy Polyakov
450853cd04 crypto/whrlpool/wp_block.c: harmonize OPENSSL_ia32cap_P. 2011-06-28 12:42:10 +00:00
Andy Polyakov
5a0876cb8c crypto/sha/asm/sha[1|512]-mips.pl: minor updates. 2011-06-28 12:41:19 +00:00
Andy Polyakov
a908b711ac rc4-586.pl: add Atom performance results. 2011-06-28 12:36:10 +00:00
Andy Polyakov
2036c9a59a md5-x86_86.pl: remove redundant instructions. 2011-06-28 12:33:58 +00:00
Andy Polyakov
b247f7387f crypto/bn/Makefile: fix typo. 2011-06-28 08:52:36 +00:00
Andy Polyakov
0c237e42a4 s390x assembler pack: add s390x-gf2m.pl and harmonize AES_xts_[en|de]crypt. 2011-06-27 10:00:31 +00:00
Andy Polyakov
0772f3b4f6 rc4-x86_64.pl: commentary update. 2011-06-27 09:46:16 +00:00
Andy Polyakov
0a9a692e4e Minor x86_64 perlasm update. 2011-06-27 09:45:10 +00:00
Richard Levitte
021270af37 Add a symbol for the first parameter to OPENSSL_showfatal(). 2011-06-23 09:46:27 +00:00
Richard Levitte
ab688c234d Add symbols for the parameters on a couple more functions. 2011-06-23 09:43:54 +00:00
Dr. Stephen Henson
9a4be82388 PR: 2470 
Submitted by: Corinna Vinschen <vinschen@redhat.com>
Reviewed by: steve

Don't call ERR_remove_state from DllMain.
 2011-06-22 15:38:21 +00:00
Dr. Stephen Henson
8038e7e44c PR: 2540 
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve

Prevent infinite loop in BN_GF2m_mod_inv().
 2011-06-22 15:24:05 +00:00
Dr. Stephen Henson
b507284c7e correctly encode OIDs near 2^32 2011-06-22 15:15:58 +00:00
Dr. Stephen Henson
ce02589259 Now the FIPS capable OpenSSL is available simplify the various FIPS test 
build options.

All fispcanisterbuild builds only build fipscanister.o and include symbol
renaming.

Move all renamed symbols to fipssyms.h

Update README.FIPS
 2011-06-22 12:30:18 +00:00
Dr. Stephen Henson
a52b7b44b2 allow MD5 use for computing old format hash links 2011-06-22 02:18:19 +00:00
Dr. Stephen Henson
ff053fc847 Don't set FIPS rand method at same time as RAND method as this can cause the 
FIPS library to fail. Applications that want to set the FIPS rand method can do
so explicitly and presumably they know what they are doing...
 2011-06-21 17:10:21 +00:00
Dr. Stephen Henson
af17d99245 make EVP_dss() work for DSA signing 2011-06-20 20:05:51 +00:00
Dr. Stephen Henson
9ebc37e667 add null cipher to FIPS module 2011-06-20 19:48:44 +00:00
Dr. Stephen Henson
9945b460e2 Give parameters names in prototypes. 2011-06-17 16:47:41 +00:00
Dr. Stephen Henson
bd6386f59c make sure custom cipher flag doesn't use any mode bits 2011-06-13 23:06:43 +00:00
Dr. Stephen Henson
f41154b206 #undef bn_div_words as it is defined for FIPS builds. 2011-06-10 14:03:27 +00:00
Dr. Stephen Henson
3096d53b46 Update dependencies for m_dss.c too. 2011-06-10 14:00:02 +00:00
Dr. Stephen Henson
068291cd44 Remove x509.h from SHA1 clone digests, update dependencies. 2011-06-10 13:52:44 +00:00
Dr. Stephen Henson
4960411e1f Add flags for DH FIPS method. 
Update/fix prototypes in fips.h
 2011-06-08 15:53:08 +00:00
Dr. Stephen Henson
6b6abd627c Set flags in ECDH and ECDSA methods for FIPS. 2011-06-08 13:52:36 +00:00
Andy Polyakov
7eabad423c rc4_skey.c: remove dead/redundant code (it's never compiled) and 
misleading/obsolete comment.
 2011-06-06 20:02:26 +00:00
Dr. Stephen Henson
644ce07ecd Move function prototype to fips.h 2011-06-06 11:56:58 +00:00
Andy Polyakov
17f121de9d e_aes.c: move AES-NI run-time switch and implement the switch for remaining modes. 2011-06-06 11:40:03 +00:00
Andy Polyakov
4d01f2761d x86_64cpuid.pl: fix typo. 2011-06-04 13:08:25 +00:00
Andy Polyakov
301799b803 x86[_64]cpuid.pl: add function accessing rdrand instruction. 2011-06-04 12:20:45 +00:00
Dr. Stephen Henson
b8b90804b6 license correction, no EAY code included in this file 2011-06-03 17:56:17 +00:00
Dr. Stephen Henson
2280dc7c43 Remove FIPS RSA functions from crypto/rsa. 2011-06-02 17:52:39 +00:00
Dr. Stephen Henson
bce1af7762 Add DSA and ECDSA "clone digests" to module for compatibility with old 
applications.
 2011-06-01 14:07:32 +00:00
Andy Polyakov
62b6c5c404 e_aes.c: fix typo. 2011-05-30 10:13:42 +00:00
Andy Polyakov
e76cbcf686 e_aes.c: fix aes_cfb1_cipher. 2011-05-30 10:10:05 +00:00
Andy Polyakov
d1fff483d6 e_aes.c: integrate AESNI directly into EVP. 2011-05-30 09:16:01 +00:00
Andy Polyakov
8da721ee2b aesni-x86[_64].pl: relax alignment requirement. 2011-05-30 09:15:16 +00:00
Andy Polyakov
fe9a5107be Various mingw64 fixes. 2011-05-29 13:51:14 +00:00
Andy Polyakov
afa4b38671 sha1-586|x86_64.pl: minor portability fix. 2011-05-29 13:48:57 +00:00
Andy Polyakov
18f5603c53 x86cpuid.pl: last commit broke platforms with perl with 64-bit integer. 2011-05-29 12:50:02 +00:00
Andy Polyakov
0c149802a2 sha1-586|x86_64.pl: add SSSE3 and AVX code paths. 2011-05-29 12:39:48 +00:00
Andy Polyakov
cf3aeae419 aes-ppc.pl: handle unaligned data on page boundaries. 2011-05-28 09:41:36 +00:00
Andy Polyakov
f44cb15fab rc4-x86_64.pl: fix due credit. 2011-05-27 18:58:37 +00:00
Andy Polyakov
986289604e rc4-x86_64.pl: RC4_options fix-up. 2011-05-27 16:15:12 +00:00
Andy Polyakov
4bb90087d7 x86[_64]cpuid.pl: harmonize usage of reserved bits #20 and #30. 2011-05-27 15:32:43 +00:00
Andy Polyakov
6715034002 PPC assembler pack: adhere closer to ABI specs, add PowerOpen traceback data. 2011-05-27 13:32:34 +00:00
Andy Polyakov
0ca9a483af rc4-x86_64.pl: major optimization for contemporary Intel CPUs. 2011-05-27 09:51:09 +00:00
Andy Polyakov
0dff8ba248 rc4-586.pl: optimize even further... 2011-05-27 09:46:19 +00:00
Andy Polyakov
2bc3ad28b3 x86_64cpuid.pl: get AVX masking right. 2011-05-26 13:16:26 +00:00
Dr. Stephen Henson
a26e245ecd Fix the ECDSA timing attack mentioned in the paper at: 
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
 2011-05-25 14:52:21 +00:00
Dr. Stephen Henson
992bdde62d Fix the ECDSA timing attack mentioned in the paper at: 
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
 2011-05-25 14:41:56 +00:00
Dr. Stephen Henson
44ddb27fa6 PR: 2512 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix BIO_accept so it can be bound to IPv4 or IPv6 sockets consistently.
 2011-05-25 12:37:07 +00:00
Andy Polyakov
6a99984b57 rc4-586.pl: optimize unused code path. 2011-05-25 09:36:13 +00:00
Andy Polyakov
760d2551fb rc4-586.pl: 50% improvement on Core2 and 80% on Westmere. 2011-05-24 13:07:29 +00:00
Andy Polyakov
62f29eb1cf spacrv9cap.c: addenum to recent EC optimizations. 2011-05-23 08:14:32 +00:00
Andy Polyakov
f8501464cc aesni-x86[_64].pl: optimize for Sandy Bridge and add XTS mode. 2011-05-22 18:38:00 +00:00
Andy Polyakov
96abea332c x86_64-gf2m.pl: add Win64 SEH. 2011-05-22 18:29:11 +00:00
Andy Polyakov
2e75ed332f ppccap.c: addenum to recent EC optimizations. 2011-05-21 10:17:02 +00:00
Andy Polyakov
d8ea368c41 ec_cvt.c: ARM comparison results were wrong, clarify the background. 2011-05-21 08:40:18 +00:00
Andy Polyakov
fdf6dac859 ec_cvt.c: avoid EC_GFp_nist_method on platforms with bn_mul_mont [see 
commentary for details].
 2011-05-20 20:31:37 +00:00
Dr. Stephen Henson
086e32a6c7 Implement FIPS_mode and FIPS_mode_set 2011-05-19 18:09:02 +00:00
Dr. Stephen Henson
92b4d936cb inherit HMAC flags from MD_CTX 2011-05-19 17:38:25 +00:00
Andy Polyakov
fb2f3411ea aesni-x86_64.pl: make it compile on MacOS X. 2011-05-18 17:05:24 +00:00
Andy Polyakov
c30a2505e2 x86gas.pl: don't omit .comm OPENSSL_ia32cap_P on MacOS X. 2011-05-18 16:28:53 +00:00
Andy Polyakov
c7b903e01d x86_64-xlate.pl: add inter-register movq and make x86_64-gfm.s compile on 
Solaris, MacOS X, elderly gas...
 2011-05-18 16:26:03 +00:00
Andy Polyakov
ddc20d4da9 x86_64cpuid.pl: allow shared build to work without -Bsymbolic. 
PR: 2466
 2011-05-18 16:24:19 +00:00
Andy Polyakov
b906422149 x86[_64]cpuid.pl: handle new extensions. 2011-05-16 20:35:11 +00:00
Andy Polyakov
a3e07010b4 ppc-xlate.pl: get linux64 declaration right. 2011-05-16 19:52:41 +00:00
Andy Polyakov
2b9a8ca15b x86gas.pl: add palignr and move pclmulqdq. 2011-05-16 18:07:00 +00:00
Andy Polyakov
afebe623c5 x86_64 assembler pack: add x86_64-gf2m module. 2011-05-16 17:46:45 +00:00
Andy Polyakov
b5c6aab57e x86_64-xlate.pl: allow "base-less" effective address, add palignr, move 
pclmulqdq.
 2011-05-16 17:44:38 +00:00
Dr. Stephen Henson
b9b0a177f8 new flag to stop ENGINE methods being registered 2011-05-15 15:56:49 +00:00
Dr. Stephen Henson
f76b1baf86 Fix error discrepancy. 2011-05-12 14:28:09 +00:00
Andy Polyakov
b0188c4f07 bn_nist.c: fix shadowing warnings. 2011-05-11 20:19:00 +00:00
Dr. Stephen Henson
c2fd598994 Rename FIPS_mode_set and FIPS_mode. Theses symbols will be defined in 
the FIPS capable OpenSSL.
 2011-05-11 14:43:38 +00:00
Dr. Stephen Henson
0b59755f43 Call fipsas.pl directly for pa-risc targets. 2011-05-09 15:23:00 +00:00
Andy Polyakov
1fb97e1313 Optimized bn_nist.c. Performance improvement varies from one benchmark 
and platform to another. It was measured to deliver 20-30% better
performance on x86 platforms and 30-40% on x86_64, on nistp384 benchmark.
 2011-05-09 10:16:32 +00:00
Dr. Stephen Henson
fc683d7213 allow SHA384, SHA512 wit DSA 2011-05-08 12:38:35 +00:00
Andy Polyakov
56c5f703c1 IA-64 assembler pack: fix typos and make it work on HP-UX. 2011-05-07 20:36:05 +00:00
Andy Polyakov
58cc21fdea x86 assembler pack: add bn_GF2m_mul_2x2 implementations (see x86-gf2m.pl for 
details and performance data).
 2011-05-07 10:31:06 +00:00
Dr. Stephen Henson
ad4784953d Return error codes for selftest failure instead of hard assertion errors. 2011-05-06 17:38:39 +00:00
Andy Polyakov
925596f85b ARM assembler pack: engage newly introduced armv4-gf2m module. 2011-05-05 21:57:11 +00:00
Dr. Stephen Henson
8d3cdd5b58 Fix warning of signed/unsigned comparison. 2011-05-05 14:47:38 +00:00
Andy Polyakov
75359644d0 ARM assembler pack. Add bn_GF2m_mul_2x2 implementation (see source code 
for details and performance data).
 2011-05-05 07:21:17 +00:00
Andy Polyakov
c7d0d0ae09 xts128.c: minor optimizaton. 2011-05-04 20:57:43 +00:00
Andy Polyakov
034688ec4d bn_gf2m.c: optimized BN_GF2m_mod_inv delivers sometimes 2x of ECDSA sign. 
Exact improvement coefficients vary from one benchmark and platform to
another, e.g. it performs 70%-33% better on ARM, hereafter less for
longer keys, and 100%-90% better on x86_64.
 2011-05-04 15:22:53 +00:00
Dr. Stephen Henson
a95bbadb57 Include fipssyms.h for ARM builds to translate symbols. 
Translate arm symbol to fips_*.
 2011-05-04 14:16:03 +00:00
Dr. Stephen Henson
e9093c9832 PR: 2499 
Submitted by: "James 'J.C.' Jones" <james.jc.jones@gmail.com>

Typos.
 2011-05-02 23:29:57 +00:00
Dr. Stephen Henson
9f7b2c76b1 Include crypto.h in ppccap.c 2011-05-01 16:54:24 +00:00
Dr. Stephen Henson
9a85e53813 no need to include memory.h 2011-04-30 23:37:42 +00:00
Dr. Stephen Henson
7c50694f05 Fix warning. 2011-04-24 12:40:26 +00:00
Andy Polyakov
3f0d14055b gcm128.c: minor optimization. 2011-04-24 11:10:54 +00:00
Andy Polyakov
f855b9d719 ccm128.c: add CRYPTO_ccm128_[en|de]crypt_ccm64 and minor optimization. 2011-04-24 11:10:14 +00:00
Richard Levitte
ce67647605 fips_check_dsa_prng() should only be built when OPENSSL_FIPS is defined. 2011-04-24 10:07:17 +00:00
Richard Levitte
171edf7ff4 Error discrepancy corrected. 2011-04-24 08:59:15 +00:00
Dr. Stephen Henson
69a80f7d5e More fixes for DSA FIPS overrides. 2011-04-23 21:59:12 +00:00
Dr. Stephen Henson
dc03504d09 Make sure overrides work for RSA/DSA. 2011-04-23 21:15:05 +00:00
Dr. Stephen Henson
383bc117bb Oops, work out expanded buffer length before allocating it... 2011-04-23 20:24:55 +00:00
Dr. Stephen Henson
e0d1a2f80a Always return multiple of block length bytes from default DRBG seed 
callback.

Handle case where no multiple of the block size is in the interval
[min_len, max_len].
 2011-04-23 20:05:19 +00:00
Dr. Stephen Henson
cac4fb58e0 Add PRNG security strength checking. 2011-04-23 19:55:55 +00:00
Andy Polyakov
9e5fe439b4 xts128.c: fix bug introduced in commit#20704. Bug affected encryption of 
vectors whose lenght was not multiples of 16 bytes.
 2011-04-23 09:15:03 +00:00
Dr. Stephen Henson
74fac927b0 Return errors instead of aborting when selftest fails. 2011-04-22 11:12:56 +00:00
Dr. Stephen Henson
84ed90f88b Fix WIN32 warning. 2011-04-21 14:54:33 +00:00
Dr. Stephen Henson
b8b6a13a56 Add continuous RNG test to entropy source. Entropy callbacks now need 
to specify a "block length".
 2011-04-21 14:17:15 +00:00
Dr. Stephen Henson
14264b19de Add periodic DRBG health checks as required by SP800-90. 2011-04-20 17:06:38 +00:00
Andy Polyakov
daaf5088fd xts128.c: minor optimization and clarified prototype. 2011-04-20 08:13:58 +00:00
Andy Polyakov
e382e4e603 perlasm/x86gas.pl: make OPENSSL_instrument_bus[2] compile. 2011-04-19 19:09:18 +00:00
Dr. Stephen Henson
cb1b3aa151 Add AES CCM selftest. 2011-04-19 18:57:58 +00:00
Dr. Stephen Henson
8c7096835b Use 0 for tbslen to perform strlen. 2011-04-19 11:10:54 +00:00
Dr. Stephen Henson
b5dd178740 Fix EVP CCM decrypt. Add decrypt support to algorithm test program. 2011-04-18 22:48:40 +00:00
Dr. Stephen Henson
98279c1629 Typo. 2011-04-18 21:01:24 +00:00
Andy Polyakov
a0cc46f8e4 ccm128.c: fix Win32 compiler warning. 2011-04-18 20:19:23 +00:00
Andy Polyakov
70d01a7f82 perlasm/x86[nm]asm.pl: make OPENSSL_instrument_bus[2] compile. 2011-04-18 20:18:03 +00:00
Andy Polyakov
5f1b10ed2e ccm128.c: fix STRICT_ALIGNMENT another bug in CRYPTO_ccm128_decrypt. 2011-04-18 19:17:28 +00:00
Dr. Stephen Henson
62dc7ed67c Override flag for XTS length limit. 2011-04-18 17:31:28 +00:00
Dr. Stephen Henson
2391681082 Initial untested CCM support via EVP. 2011-04-18 14:25:11 +00:00
Dr. Stephen Henson
6386b1b34d Compile ccm128.c, move some structures to modes_lcl.h add prototypes. 2011-04-18 13:15:37 +00:00
Dr. Stephen Henson
3b4a855778 Don't need separate tag buffer for GCM mode: use EVP_CIPHER_CTX buf 
field which is not unused for custom ciphers.
 2011-04-18 11:28:41 +00:00
Andy Polyakov
5fabb88a78 Multiple assembler packs: add experimental memory bus instrumentation. 2011-04-17 12:46:00 +00:00
Andy Polyakov
7e5b4d6779 ccm128.c: minor optimization and bugfix in CRYPTO_ccm128_[en|de]crypt. 2011-04-16 22:57:58 +00:00
Dr. Stephen Henson
45321c41e2 Add length limitation from SP800-38E. 2011-04-15 12:01:53 +00:00
Dr. Stephen Henson
bf8131f79f Add XTS selftest, include in fips_test_suite. 2011-04-15 11:30:19 +00:00
Dr. Stephen Henson
06b7e5a0e4 Add algorithm driver for XTS mode. Fix several bugs in EVP XTS implementation. 2011-04-15 02:49:30 +00:00
Dr. Stephen Henson
a6311f856b Remove several of the old obsolete FIPS_corrupt_*() functions. 2011-04-14 11:30:51 +00:00
Dr. Stephen Henson
ac892b7aa6 Initial incomplete POST overhaul: add support for POST callback to 
allow status of POST to be monitored and/or failures induced.
 2011-04-14 11:15:10 +00:00
Dr. Stephen Henson
77394d7e8f Remove duplicate flag. 2011-04-13 00:11:53 +00:00
Dr. Stephen Henson
32a2d8ddfe Provisional AES XTS support. 2011-04-12 23:21:33 +00:00
Dr. Stephen Henson
49cb5e0b40 Fix memory leaks: uninstantiate DRBG during health checks. Cleanup md_ctx 
when performing ECDSA selftest.
 2011-04-12 14:28:06 +00:00
Dr. Stephen Henson
364ce53cef No need to disable leak checking for FIPS builds now we use internal 
memory callbacks.
 2011-04-12 13:01:40 +00:00
Dr. Stephen Henson
48da9b8f2a Fix warning. 2011-04-11 14:52:59 +00:00
Dr. Stephen Henson
1f91af5e56 remove ENGINE dependency from ecdh 2011-04-10 01:14:25 +00:00
Dr. Stephen Henson
55e328f580 Add error for health check failure. 
Rebuild all FIPS error codes to clean out old obsolete codes.
 2011-04-09 17:46:31 +00:00
Dr. Stephen Henson
31360957fb DH keys have an (until now) unused 'q' parameter. When creating 
from DSA copy q across and if q present generate DH key in the
correct range.
 2011-04-07 15:01:48 +00:00
Dr. Stephen Henson
d80399a357 Only use fake rand once per operation. This stops the EC 
pairwise consistency test interfering with the test.
 2011-04-06 23:42:55 +00:00
Dr. Stephen Henson
6653c6f2e8 Update OpenSSL DRBG support code. Use date time vector as additional data. 
Set FIPS RAND_METHOD at same time as OpenSSL RAND_METHOD.
 2011-04-06 23:40:22 +00:00
Dr. Stephen Henson
4c8855b975 Add missing error code strings. 2011-04-06 18:17:05 +00:00
Dr. Stephen Henson
acd410dc15 check buffer is larger enough before overwriting 2011-04-06 18:06:41 +00:00
Dr. Stephen Henson
05e24c87dd Extensive reorganisation of PRNG handling in FIPS module: all calls 
now use an internal RAND_METHOD. All dependencies to OpenSSL standard
PRNG are now removed: it is the applications resposibility to setup
the FIPS PRNG and initalise it.

Initial OpenSSL RAND_init_fips() function that will setup the DRBG
for the "FIPS capable OpenSSL".
 2011-04-05 15:24:10 +00:00
Dr. Stephen Henson
ab1415d2f5 Updated error codes for FIPS library. 2011-04-04 17:05:09 +00:00
Andy Polyakov
7af0400297 gcm128.c: fix shadow warnings. 2011-04-04 15:24:09 +00:00
Dr. Stephen Henson
1d59fe5267 Disable test fprintf. 2011-04-04 14:52:20 +00:00
Dr. Stephen Henson
ded1999702 Change RNG test to block oriented instead of request oriented, add option 
to test a "stuck" DRBG.
 2011-04-04 14:47:31 +00:00
Dr. Stephen Henson
a255e5bc98 check RAND_pseudo_bytes return value 2011-04-04 14:43:20 +00:00
Andy Polyakov
e512375186 ARM assembler pack: add missing arm_arch.h. 2011-04-01 21:09:09 +00:00
Andy Polyakov
1e86318091 ARM assembler pack: profiler-assisted optimizations and NEON support. 2011-04-01 20:58:34 +00:00
Andy Polyakov
d8d958323b gcm128.c: tidy up, minor optimization, rearrange gcm128_context. 2011-04-01 20:52:35 +00:00
Dr. Stephen Henson
30b26b551f restore .cvsignore 2011-04-01 18:49:24 +00:00
Dr. Stephen Henson
02eb92abad temporarily update .cvsignore 2011-04-01 18:38:51 +00:00
Dr. Stephen Henson
8cf88778ea Allow FIPS malloc callback setting. Automatically set some callbacks 
in OPENSSL_init().
 2011-04-01 16:23:16 +00:00
Dr. Stephen Henson
c4acfb1fd0 Add additional OPENSSL_init() handling add dummy call to (hopefully) 
ensure OPENSSL_init() is always linked into an application.
 2011-04-01 15:46:03 +00:00
Dr. Stephen Henson
3f7468318d Provisional support for auto called OPENSSL_init() function. This can be 
used to set up any appropriate functions such as FIPS callbacks without
requiring an explicit application call.
 2011-04-01 14:49:30 +00:00
Dr. Stephen Henson
e06de4dd35 Remove redundant definitions. Give error code if DRBG sefltest fails. 2011-03-31 17:23:12 +00:00
Richard Levitte
3a660e7364 Corrections to the VMS build system. 
Submitted by Steven M. Schweda <sms@antinode.info>
 2011-03-25 16:20:35 +00:00
Dr. Stephen Henson
97057a1a7d Make some Unix builds work again. 2011-03-25 12:09:29 +00:00
Richard Levitte
4ec3e8ca51 For VMS, implement the possibility to choose 64-bit pointers with 
different options:
"64"		The build system will choose /POINTER_SIZE=64=ARGV if
		the compiler supports it, otherwise /POINTER_SIZE=64.
"64="		The build system will force /POINTER_SIZE=64.
"64=ARGV"	The build system will force /POINTER_SIZE=64=ARGV.
 2011-03-25 09:40:48 +00:00
Richard Levitte
5d0137aa14 make update 2011-03-25 09:30:52 +00:00
Richard Levitte
30fafdebf3 * Configure, crypto/ec/ec.h, crypto/ec/ecp_nistp224.c, util/mkdef.pl: 
Have EC_NISTP224_64_GCC_128 treated like any algorithm, and have
  disabled by default.  If we don't do it this way, it screws up
  libeay.num.
* util/libeay.num: make update
 2011-03-25 09:29:46 +00:00
Richard Levitte
c6dbe90895 make update 2011-03-24 22:59:02 +00:00
Richard Levitte
399aa6b5ff Implement FIPS CMAC. 
* fips/cmac/*: Implement the basis for FIPS CMAC, using FIPS HMAC as
  an example.
* crypto/cmac/cmac.c: Enable the FIPS API.  Change to use M_EVP macros
  where possible.
* crypto/evp/evp.h: (some of the macros get added with this change)
* fips/fips.h, fips/utl/fips_enc.c: Add a few needed functions and use
  macros to have cmac.c use these functions.
* Makefile.org, fips/Makefile, fips/fips.c: Hook it in.
 2011-03-24 22:55:02 +00:00
Richard Levitte
487b023f3d make update (1.1.0-dev) 
This meant alarger renumbering in util/libeay.num due to symbols
appearing in 1.0.0-stable and 1.0.1-stable.  However, since there's
been no release on this branch yet, it should be harmless.
 2011-03-23 00:11:32 +00:00
Richard Levitte
1f9c2b3f71 * crypto/crypto-lib.com: Add a few more missing modules. 2011-03-23 00:10:16 +00:00
Dr. Stephen Henson
4fc02f1229 Use a signed value to check return value of do_cipher(). 2011-03-21 17:37:27 +00:00
Richard Levitte
3d62b1f22d A few more long symbols need shortening. 2011-03-20 10:23:51 +00:00
Richard Levitte
9e67d24743 Add missing source. Also, have the compile also use [.MODES] as 
include directory, as other parts (notably, EVP) seem to need it.
 2011-03-20 10:23:27 +00:00
Richard Levitte
537c982306 After some adjustments, apply the changes OpenSSL 1.0.0d on OpenVMS 
submitted by Steven M. Schweda <sms@antinode.info>
 2011-03-19 10:58:14 +00:00
Dr. Stephen Henson
1e803100de Implement continuous RNG test for SP800-90 DRBGs. 2011-03-17 18:53:33 +00:00
Dr. Stephen Henson
96ec46f7c0 Implement health checks needed by SP800-90. 
Fix warnings.

Instantiate DRBGs at maximum strength.
 2011-03-17 16:55:24 +00:00
Dr. Stephen Henson
fbbabb646c Add extensive DRBG selftest data and option to corrupt it in fips_test_suite. 2011-03-16 15:52:12 +00:00
Dr. Stephen Henson
d70fcb96ac Fix warnings: signed/unisgned comparison, shadowing (in some cases global 
functions such as rand() ).
 2011-03-12 17:27:03 +00:00
Ben Laurie
edc032b5e3 Add SRP support. 2011-03-12 17:01:19 +00:00
Dr. Stephen Henson
1b76fac5ae Check requested security strength in DRBG. Add function to retrieve the 
security strength.
 2011-03-11 17:42:11 +00:00
Dr. Stephen Henson
1acc24a8ba Make no-ec2m work again. 2011-03-10 01:00:30 +00:00
Dr. Stephen Henson
8857b380e2 Add ECDH to validated module. 2011-03-09 23:44:06 +00:00
Dr. Stephen Henson
bc91494e06 New SP 800-56A compliant version of DH_compute_key(). 2011-03-08 19:07:26 +00:00
Dr. Stephen Henson
a1e7883edb Add meaningful error codes to DRBG. 2011-03-08 14:16:30 +00:00
Andy Polyakov
a000759a5c ia64-mont.pl: optimize short-key performance. 2011-03-04 13:27:29 +00:00
Andy Polyakov
bc5b136c5c ghash-x86.pl: optimize for Sandy Bridge. 2011-03-04 13:21:41 +00:00
Andy Polyakov
16cb0d9591 xts128.c: minor optimization. 2011-03-04 13:17:19 +00:00
Andy Polyakov
0ab8fd58e1 s390x assembler pack: tune-up and support for new z196 hardware. 2011-03-04 13:09:16 +00:00
Dr. Stephen Henson
949c6f8ccf Stop warnings. 2011-02-23 16:06:33 +00:00
Dr. Stephen Henson
324abf1d20 Add modes_lcl.h to header list. 2011-02-22 14:06:54 +00:00
Dr. Stephen Henson
3e446ba347 Make "make links" work in fipscanisteronly builds. 2011-02-22 12:34:46 +00:00
Dr. Stephen Henson
b7056b6414 Update dependencies. 2011-02-21 17:51:59 +00:00
Dr. Stephen Henson
37eae9909a Remove unnecessary dependencies. 2011-02-21 17:35:53 +00:00
Dr. Stephen Henson
eead69f5ed Make fipscanisteronly build only required files. 2011-02-21 14:07:15 +00:00
Dr. Stephen Henson
ab8a4e54db Move gcm128_context definition to modes_lcl.h (along with some related 
definitions) so we can use it in EVP GCM code avoiding need to allocate
it.
 2011-02-19 22:16:52 +00:00
Dr. Stephen Henson
947ff113d2 add ECDSA POST 2011-02-18 17:25:00 +00:00
Dr. Stephen Henson
acf254f86e AES GCM selftests. 2011-02-18 17:09:33 +00:00
Dr. Stephen Henson
a3654f0586 Include openssl/crypto.h first in several other files so FIPS renaming 
is picked up.
 2011-02-16 17:25:01 +00:00
Dr. Stephen Henson
d749e1080a Experimental symbol renaming to avoid clashes with regular OpenSSL. 
Make sure crypto.h is included first in any affected files.
 2011-02-16 14:40:06 +00:00
Dr. Stephen Henson
0fbf8f447b Add pairwise consistency test to EC. 2011-02-15 16:58:28 +00:00
Dr. Stephen Henson
225a9e296b Update pairwise consistency checks to use SHA-256. 2011-02-15 16:18:18 +00:00
Dr. Stephen Henson
25c6542944 Add non-FIPS algorithm blocking and selftest checking. 2011-02-15 16:03:47 +00:00
Dr. Stephen Henson
14567b1451 Add FIPS flags to AES ciphers and SHA* digests. 2011-02-15 15:57:54 +00:00
Dr. Stephen Henson
fe26d066ff Add ECDSA functionality to fips module. Initial very incomplete version 
of algorithm test program.
 2011-02-14 17:14:55 +00:00
Dr. Stephen Henson
c876a4b7b1 Include support for an add_lock callback to tiny FIPS locking API. 2011-02-14 17:05:42 +00:00
Dr. Stephen Henson
c966120412 Don't use FIPS api for ec2_oct.c 2011-02-14 16:55:28 +00:00
Dr. Stephen Henson
84b08eee4b Reorganise ECC code for inclusion in FIPS module. 
Move compression, point2oct and oct2point functions into separate files.

Add a flags field to EC_METHOD.

Add a flag EC_FLAGS_DEFAULT_OCT to use the default compession and oct
functions (all existing methods do this). This removes dependencies from
EC_METHOD while keeping original functionality.
 2011-02-14 16:52:12 +00:00
Dr. Stephen Henson
bf2546f947 Use BN_nist_mod_func to avoid need to peek error queue. 2011-02-14 16:45:28 +00:00
Dr. Stephen Henson
133291f8e7 New function BN_nist_mod_func which returns an appropriate function 
if the passed prime is a NIST prime.
 2011-02-14 16:44:29 +00:00
Dr. Stephen Henson
e990b4f838 Remove dependency of dsa_sign.o and dsa_vrf.o: new functions FIPS_dsa_sig_new 
and FIPS_dsa_sig_free, reimplment DSA_SIG_new and DSA_SIG_free from ASN1
library.
 2011-02-13 18:45:41 +00:00
Dr. Stephen Henson
c9a90645a5 Disable some functions in headers with no-ec2m 2011-02-12 17:38:06 +00:00
Dr. Stephen Henson
b331016124 New option to disable characteristic two fields in EC code. 2011-02-12 17:23:32 +00:00
Andy Polyakov
afb4191304 dso_dlfcn.c: make it work on Tru64 4.0. 
PR: 2316
 2011-02-12 16:43:41 +00:00
Andy Polyakov
a6d915e0ef gcm128.c: make it work with no-sse2. 2011-02-12 11:47:55 +00:00
Dr. Stephen Henson
ed12c2f7ca In FIPS mode only use "Generation by Testing Candidates" equivalent. 2011-02-11 15:19:54 +00:00
Dr. Stephen Henson
16a7fcc447 Return security strength for supported DSA parameters: will be used 
later.
 2011-02-11 14:38:39 +00:00
Dr. Stephen Henson
a1a5885b64 Free keys if DSA pairwise error. 2011-02-11 14:21:01 +00:00
Andy Polyakov
f84a8ea526 x86gas.pl: make data_short work on legacy systems. 2011-02-10 21:24:24 +00:00
Andy Polyakov
01be5db64e xts128.c: initial draft. 2011-02-10 21:16:21 +00:00
Dr. Stephen Henson
b3d8022edd Add GCM IV generator. Add some FIPS restrictions to GCM. Update fips_gcmtest. 2011-02-09 16:21:43 +00:00
Andy Polyakov
632d83f0a3 ccm128.c: initialize ctx->block (what I was smoking?). 2011-02-08 23:08:02 +00:00
Andy Polyakov
d3fad7cb51 ccm128.c: initial draft. 2011-02-08 23:02:45 +00:00
Dr. Stephen Henson
f4001a0d19 Link GCM into FIPS module. Check return value in EVP gcm. 2011-02-08 15:10:42 +00:00
Andy Polyakov
1f2502eb58 gcm128.c: add boundary condition checks. 2011-02-07 19:11:13 +00:00
Dr. Stephen Henson
bdaa54155c Initial *very* experimental EVP support for AES-GCM. Note: probably very 
broken and subject to change.
 2011-02-07 18:16:33 +00:00
Dr. Stephen Henson
fd3dbc1dbf Add CRYPTO_gcm128_tag() function to retrieve the tag. 2011-02-07 18:05:27 +00:00
Dr. Stephen Henson
d45087c672 Use 0 not -1 (since type is size_t) for finalisation argument to do_cipher: 
the NULL value for the input buffer is sufficient to notice this case.
 2011-02-07 18:04:27 +00:00
Dr. Stephen Henson
3da0ca796c New flags EVP_CIPH_FLAG_CUSTOM_CIPHER in cipher structures if an underlying 
cipher handles all cipher symantics itself.
 2011-02-07 14:36:08 +00:00
Dr. Stephen Henson
f9678b8b57 Fix memory leak. 2011-02-07 13:34:00 +00:00
Dr. Stephen Henson
83e9c36261 Use default ASN1 if flag set. 2011-02-07 12:47:16 +00:00
Andy Polyakov
b68c13154e gcm128.c: allow multiple calls to CRYPTO_gcm128_aad. 2011-02-06 23:50:05 +00:00
Andy Polyakov
68e2586bd3 gcm128.c: fix bug in OPENSSL_SMALL_FOOTPRINT decrypt. 
PR: 2432
Submitted by: Michael Heyman
 2011-02-06 23:48:32 +00:00
Dr. Stephen Henson
06b433acad Add FIPS support to the WIN32 build system. 2011-02-03 23:12:04 +00:00
Dr. Stephen Henson
14ae26f2e4 Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files 
that use it.
 2011-02-03 17:00:24 +00:00
Dr. Stephen Henson
3710d1aae9 Rename crypto/fips_err.c to fips_ers.c to avoid clash with other fips_err.c 2011-02-03 16:16:30 +00:00
Dr. Stephen Henson
cc5c772abd Include fips header file in err_all.c if needed. 2011-02-03 16:03:21 +00:00
Dr. Stephen Henson
65041aa27e Add FIPS error codes. 2011-02-03 15:58:43 +00:00
Dr. Stephen Henson
65847ca378 For now disable EC_GFp_nistp224_method() for WIN32 so the WIN32 build 
completes without linker errors.
 2011-02-03 13:00:08 +00:00
Dr. Stephen Henson
c2a459315a Use single X931 key generation source file for FIPS and non-FIPS builds. 2011-02-03 12:47:56 +00:00
Bodo Möller
e2b798c8b3 Assorted bugfixes: 
- safestack macro changes for C++ were incomplete
- RLE decompression boundary case
- SSL 2.0 key arg length check

Submitted by: Google (Adam Langley, Neel Mehta, Bodo Moeller)
 2011-02-03 12:03:51 +00:00
Bodo Möller
9d0397e977 make update 2011-02-03 10:17:53 +00:00
Bodo Möller
2440d8b1db Fix error codes. 2011-02-03 10:03:23 +00:00
Dr. Stephen Henson
7a4ec19a5f Make no-asm work in fips mode. Add android platform. 2011-02-02 15:07:13 +00:00
Dr. Stephen Henson
a5b196a22c Add sign/verify digest API to handle an explicit digest instead of finalising 
a context.
 2011-02-02 14:21:33 +00:00
Dr. Stephen Henson
3c2c4cc5f2 fixes for DSA2 parameter generation 2011-02-01 17:15:19 +00:00
Dr. Stephen Henson
7f64c26588 Since FIPS 186-3 specifies we use the leftmost bits of the digest 
we shouldn't reject digest lengths larger than SHA256: the FIPS
algorithm tests include SHA384 and SHA512 tests.
 2011-02-01 12:52:01 +00:00
Dr. Stephen Henson
3dd9b31dc4 Provisional, experimental support for DSA2 parameter generation algorithm. 
Not properly integrated or tested yet.
 2011-01-31 19:44:09 +00:00
Dr. Stephen Henson
eb164d0b12 stop warnings about no previous prototype when compiling shared engines 2011-01-30 01:30:48 +00:00
Dr. Stephen Henson
7edfe67456 Move all FIPSAPI renames into fips.h header file, include early in 
crypto.h if needed.

Modify source tree to handle change.
 2011-01-27 19:10:56 +00:00
Dr. Stephen Henson
7cc684f4f7 Redirect FIPS memory allocation to FIPS_malloc() routine, remove 
OpenSSL malloc dependencies.
 2011-01-27 17:23:43 +00:00
Dr. Stephen Henson
aa87945f47 Update source files to handle new FIPS_lock() location. Add FIPS_lock() 
definition. Remove stale function references from fips.h
 2011-01-27 15:57:31 +00:00
Dr. Stephen Henson
7c8ced94c3 Change OPENSSL_FIPSEVP to OPENSSL_FIPSAPI as it doesn't just refer 
to EVP any more.

Move locking #define into fips.h.

Set FIPS locking callbacks at same time as OpenSSL locking callbacks.
 2011-01-27 15:22:26 +00:00
Dr. Stephen Henson
ad6019d6c0 Move locking and thread ID functions into new files lock.c and thr_id.c, 
redirect locking to minimal FIPS_lock() function where required.
 2011-01-27 14:27:24 +00:00
Dr. Stephen Henson
a27de7b7fd use FIPSEVP in some bn and rsa files 2011-01-27 14:24:42 +00:00
Dr. Stephen Henson
879bd6e38c Internal version of BN_mod_inverse allowing checking of no-inverse without 
need to inspect error queue.
 2011-01-26 16:59:47 +00:00
Dr. Stephen Henson
6f4b3e7c09 Use ARX in crypto/Makefile 2011-01-26 16:22:03 +00:00
Dr. Stephen Henson
6dff52e858 FIPS HMAC changes: 
Use EVP macros.

Use tiny EVP in FIPS mode.
 2011-01-26 16:15:38 +00:00
Dr. Stephen Henson
df6de39fe7 Change AR to ARX to allow exclusion of fips object modules 2011-01-26 16:08:08 +00:00
Dr. Stephen Henson
5ca9cb7cbd FIPS mode ERR changes. Redirect errors to tiny FIPS callbacks to avoid ERR 
library dependencies.
 2011-01-26 15:53:07 +00:00
Dr. Stephen Henson
83c3410b94 FIPS DH changes: selftest checks and key range checks. 2011-01-26 15:47:19 +00:00
Dr. Stephen Henson
20818e00fd FIPS mode DSA changes: 
Check for selftest failures.

Pairwise consistency test for RSA key generation.

Use some EVP macros instead of EVP functions.

Use minimal FIPS EVP where needed.

Key size restrictions.
 2011-01-26 15:46:26 +00:00
Dr. Stephen Henson
c553721e8b FIPS mode RSA changes: 
Check for selftest failures.

Pairwise consistency test for RSA key generation.

Use some EVP macros instead of EVP functions.

Use minimal FIPS EVP where needed.
 2011-01-26 15:37:41 +00:00
Dr. Stephen Henson
1588a3cae7 add new RAND errors 2011-01-26 15:33:51 +00:00
Dr. Stephen Henson
7a4bd34a4f FIPS mode EVP changes: 
Set EVP_CIPH_FLAG_FIPS on approved ciphers.

Support "default ASN1" flag which avoids need for ASN1 dependencies in FIPS
code.

Include some defines to redirect operations to a "tiny EVP" implementation
in some FIPS source files.

Change m_sha1.c to use EVP_PKEY_NULL_method: the EVP_MD sign/verify functions
are not used in OpenSSL 1.0 and later for SHA1 and SHA2 ciphers: the EVP_PKEY
API is used instead.
 2011-01-26 15:25:33 +00:00
Dr. Stephen Henson
4ead4e5241 FIPS mode changes to make RNG compile (this will need updating later as we 
need a whole new PRNG for FIPS).

1. avoid use of ERR_peek().

2. If compiling with FIPS use small FIPS EVP and disable ENGINE
 2011-01-26 14:52:04 +00:00
Richard Levitte
373048395e Add rsa_crpt 2011-01-26 06:51:35 +00:00
Dr. Stephen Henson
72a267331a Move RSA encryption functions to new file crypto/rsa/rsa_crpt.c to separate 
crypto and ENGINE dependencies in RSA library.
 2011-01-25 17:35:10 +00:00
Dr. Stephen Henson
13a5519208 Move BN_options function to bn_print.c to remove dependency for BIO printf 
routines from bn_lib.c
 2011-01-25 17:10:30 +00:00
Dr. Stephen Henson
f7a2afa652 Move DSA_sign, DSA_verify to dsa_asn1.c and include separate versions of 
DSA_SIG_new() and DSA_SIG_free() to remove ASN1 dependencies from DSA_do_sign()
and DSA_do_verify().
 2011-01-25 16:55:15 +00:00
Dr. Stephen Henson
245a7eee17 recalculate DSA signature if r or s is zero (FIPS 186-3 requirement) 2011-01-25 16:01:29 +00:00
Dr. Stephen Henson
6e0375d504 revert Makefile change 2011-01-25 12:15:10 +00:00
Dr. Stephen Henson
7d05edd12e PR: 2433 
Submitted by: Chris Wilson <chris@qwirx.com>
Reviewed by: steve

Constify ASN1_STRING_set_default_mask_asc().
 2011-01-24 16:19:52 +00:00
Dr. Stephen Henson
fef1c40bf1 New function EC_KEY_set_affine_coordinates() this performs all the 
NIST PKV tests.
 2011-01-24 16:07:40 +00:00
Dr. Stephen Henson
a428ac4750 check EC public key isn't point at infinity 2011-01-24 15:04:34 +00:00
Dr. Stephen Henson
0aa1aedbce PR: 1612 
Submitted by: Robert Jackson <robert@rjsweb.net>
Reviewed by: steve

Fix EC_POINT_cmp function for case where b but not a is the point at infinity.
 2011-01-24 14:41:34 +00:00
Dr. Stephen Henson
dd616752a1 oops, revert mistakenly committed EC changes 2011-01-19 14:42:42 +00:00
Dr. Stephen Henson
198ce9a611 Add additional parameter to dsa_builtin_paramgen to output the generated 
seed to: this doesn't introduce any binary compatibility issues as the
function is only used internally.

The seed output is needed for FIPS 140-2 algorithm testing: the functionality
used to be in DSA_generate_parameters_ex() but was removed in OpenSSL 1.0.0
 2011-01-19 14:35:53 +00:00
Dr. Stephen Henson
78c4572296 add va_list version of ERR_add_error_data 2011-01-14 15:13:37 +00:00
Dr. Stephen Henson
d3f17e5ed3 stop warning with no-engine 2011-01-13 15:41:58 +00:00
Richard Levitte
ff66ff0a9b PR: 2425 
Synchronise VMS build with Unixly build.
 2011-01-10 20:55:21 +00:00
Ben Laurie
c13d7c0296 Fix warning. 2011-01-09 17:50:06 +00:00
Dr. Stephen Henson
778b14b72d move some string utilities to buf_str.c to reduce some dependencies (from 0.9.8 branch). 2011-01-09 13:32:57 +00:00
Dr. Stephen Henson
7b1a04519f add X9.31 prime generation routines from 0.9.8 branch 2011-01-09 13:02:14 +00:00
Dr. Stephen Henson
09d84e03e8 oops missed an assert 2011-01-03 12:54:08 +00:00
Dr. Stephen Henson
85881c1d92 PR: 2411 
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Fix corner cases in RFC3779 code.
 2011-01-03 01:40:53 +00:00
Dr. Stephen Henson
968062b7d3 Fix escaping code for string printing. If *any* escaping is enabled we 
must escape the escape character itself (backslash).
 2011-01-03 01:31:24 +00:00
Dr. Stephen Henson
e82f75577b PR: 2410 
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Use OPENSSL_assert() instead of assert().
 2011-01-03 01:22:41 +00:00
Dr. Stephen Henson
88ea810e25 PR: 2413 
Submitted by: Michael Bergandi <mbergandi@gmail.com>
Reviewed by: steve

Fix typo in crypto/bio/bss_dgram.c
 2011-01-03 01:07:35 +00:00
Dr. Stephen Henson
2b3936e882 avoid verification loops in trusted store when path building 2010-12-25 20:45:59 +00:00
Richard Levitte
b7ef916c38 First attempt at adding the possibility to set the pointer size for the builds on VMS. 
PR: 2393
 2010-12-14 19:19:04 +00:00
Dr. Stephen Henson
d7d5a55d22 Support routines for ASN1 scanning function, doesn't do much yet. 2010-12-13 18:15:28 +00:00
Andy Polyakov
05e4fbf801 bss_file.c: refine UTF8 logic. 
PR: 2382
 2010-12-11 14:53:14 +00:00
Dr. Stephen Henson
73334e8da1 PR: 2386 
Submitted by: Stefan Birrer <stefan.birrer@adnovum.ch>
Reviewed by: steve

Correct SKM_ASN1_SET_OF_d2i macro.
 2010-12-02 18:02:29 +00:00
Dr. Stephen Henson
09c1dc850c PR: 2385 
Submitted by: Stefan Birrer <stefan.birrer@adnovum.ch>
Reviewed by: steve

Zero key->pkey.ptr after it is freed so the structure can be reused.
 2010-11-30 19:37:21 +00:00
Andy Polyakov
e822c756b6 s390x assembler pack: adapt for -m31 build, see commentary in Configure 
for more details.
 2010-11-29 20:52:43 +00:00
Dr. Stephen Henson
300b1d76fe apply J-PKAKE fix to HEAD (original by Ben) 2010-11-29 18:32:05 +00:00
Dr. Stephen Henson
ae3fff5034 Some of the MS_STATIC use in crypto/evp is a legacy from the days when 
EVP_MD_CTX was much larger: it isn't needed anymore.
 2010-11-27 17:37:03 +00:00
Dr. Stephen Henson
fa71cc7bce fix typo in HMAC redirection, add HMAC INIT tracing 2010-11-24 19:14:59 +00:00
Dr. Stephen Henson
e77906b9fa VERY EXPERIMENTAL HMAC redirection example in OpenSSL ENGINE. Untested at this 
stage and probably wont work properly.
 2010-11-24 18:32:06 +00:00
Dr. Stephen Henson
f830c68f4d add "missing" functions to copy EVP_PKEY_METHOD and examine info 2010-11-24 16:08:20 +00:00
Dr. Stephen Henson
46fc96d4ba constify EVP_PKEY_new_mac_key() 2010-11-24 13:13:49 +00:00
Richard Levitte
88868c0786 Use the same directory for architecture dependent header files as in 
the branches OpenSSL-1_0_0-stable and OpenSSL-1_0_1-stable.
 2010-11-23 02:43:20 +00:00
Richard Levitte
2631a0210e Give the architecture dependent directory higher priority 2010-11-23 01:05:26 +00:00
Richard Levitte
c8f0610d99 Synchronise with Unix and do all other needed modifications to have it 
build on VMS again.
 2010-11-22 22:04:41 +00:00
Andy Polyakov
dd128715a2 s390x.S: fix typo in bn_mul_words. 
PR: 2380
 2010-11-22 21:55:07 +00:00
Dr. Stephen Henson
6377953816 add pice of PR#2295 not committed to HEAD 2010-11-22 16:14:56 +00:00
Dr. Stephen Henson
e322fa2872 PR: 2376 
Submitted by: Guenter <lists@gknw.net>
Reviewed by: steve

Cleanup alloca use, fix Win32 target for OpenWatcom.
 2010-11-19 00:12:01 +00:00
Richard Levitte
40844c9f68 We redid the structure on architecture dependent source files, but 
apparently forgot to adapt the copying to the installation directory.
 2010-11-18 20:03:07 +00:00
Dr. Stephen Henson
833ebea189 compile cts128.c on VMS 2010-11-18 17:04:18 +00:00
Dr. Stephen Henson
70a5f5f9ab PR: 2372 
Submitted by: "W.C.A. Wijngaards" <wouter@nlnetlabs.nl>
Reviewed by: steve

Fix OpenBSD compilation failure.
 2010-11-18 12:30:01 +00:00
Dr. Stephen Henson
ad889de097 If EVP_PKEY structure contains an ENGINE the key is ENGINE specific and 
we should use its method instead of any generic one.
 2010-11-16 12:11:46 +00:00
Dr. Stephen Henson
da7b0b2261 Submitted by: Jonathan Dixon <joth@chromium.org> 
Reviewed by: steve

If store is NULL set flags correctly.
 2010-11-02 15:58:58 +00:00
Andy Polyakov
c242dda4a4 sha512-mips.pl: add missing 64-bit byte swap. 2010-10-22 20:16:22 +00:00
Andy Polyakov
bb55003882 Add aes-mips.pl assembler module. 2010-10-21 15:56:55 +00:00
Andy Polyakov
ca32ceb773 sha512-mips.pl: fix "little-endian" typos. 2010-10-21 15:56:24 +00:00
Dr. Stephen Henson
776654adff PR: 2295 
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com>
Reviewed by: steve

OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code
elimination.
 2010-10-11 23:49:22 +00:00
Andy Polyakov
d6522548dd x86_64-xlate.pl: fix LNK4078 and LNK4210 link warnings. 
PR 2356
 2010-10-10 21:07:55 +00:00
Dr. Stephen Henson
983768997e We can't always read 6 bytes in an OCSP response: fix so error statuses 
are read correctly for non-blocking I/O.
 2010-10-06 18:00:59 +00:00
Dr. Stephen Henson
8ec3fa0597 fix signature printing routines 2010-10-04 13:58:41 +00:00
Dr. Stephen Henson
0c7246ed4b fix warnings 2010-10-04 13:45:15 +00:00
Dr. Stephen Henson
39239280f3 Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(), 
this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.

Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
 2010-10-03 18:58:09 +00:00
Andy Polyakov
5ad83922ca sha512-mips.pl: add missing byte swap for little-endians. 2010-10-02 12:43:04 +00:00
Andy Polyakov
d466588788 MIPS assembler pack: enable it in Configure, add SHA2 module, fix make rules, 
update commentary...
 2010-10-02 11:47:17 +00:00
Andy Polyakov
da4d239dad Add unified mips.pl, which will replace mips3.s. 2010-09-27 21:19:43 +00:00
Andy Polyakov
0985473636 sha1-mips.pl, mips-mont.pl: unify MIPS assembler modules in respect to 
ABI and binutils.
 2010-09-22 08:43:09 +00:00
Andy Polyakov
8986e37249 ghash-s390x.pl: reschedule instructions for better performance. 2010-09-21 11:37:00 +00:00
Andy Polyakov
90ba3a28f8 s390x assembler pack: extend OPENSSL_s390xcap_P to 128 bits. 2010-09-18 08:46:53 +00:00
Andy Polyakov
f8927c89d0 Alpha assembler pack: adapt for Linux. 
PR: 2335
 2010-09-13 13:28:52 +00:00
Andy Polyakov
3739a772e9 sha1-armv4-large.pl: more readable input pickup. 2010-09-10 15:41:08 +00:00
Andy Polyakov
6415dd7b2f crypto/ppc[cpuid|cap]: call CPU detection once and detect AltiVec. 2010-09-10 15:00:51 +00:00
Andy Polyakov
dd4a0af370 crypto/bn/asm/s390x.S: drop redundant instructions. 2010-09-10 14:53:36 +00:00
Andy Polyakov
7d1f55e9d9 Add ghash-s390x.pl. 2010-09-10 14:50:17 +00:00
Andy Polyakov
d52d5ad147 modes/asm/ghash-*.pl: switch to [more reproducible] performance results 
collected with 'apps/openssl speed ghash'.
 2010-09-05 19:52:14 +00:00
Andy Polyakov
a3b0c44b1b ghash-ia64.pl: 50% performance improvement of gcm_ghash_4bit. 2010-09-05 19:49:54 +00:00
Andy Polyakov
4b2603e46c sparcv9cap.c: disengange Solaris-specific CPU detection routine in favour 
of unified procedure relying on SIGILL.
PR: 2321
 2010-09-05 19:41:41 +00:00
Ben Laurie
5df2a2497a Fix warnings. 2010-09-05 16:34:49 +00:00
Dr. Stephen Henson
2ec4ccee1f fix bug in AES_unwrap() 2010-08-30 23:59:14 +00:00
Bodo Möller
396cb5657b More C language police work. 2010-08-27 13:17:59 +00:00
Bodo Möller
eb8ef241eb C conformity fixes: Move declarations before statements in all blocks. 2010-08-27 12:07:35 +00:00
Bodo Möller
1b5af90b45 C conformity fixes: 
- Move declarations before statements in all blocks.
- Where 64-bit type is required, use it explicitly (not 1l).
 2010-08-27 11:29:30 +00:00
Bodo Möller
76af94eb27 (formatting error) 2010-08-26 14:40:11 +00:00
Bodo Möller
04daec862c New 64-bit optimized implementation EC_GFp_nistp224_method(). 
This will only be compiled in if explicitly requested
(#ifdef EC_NISTP224_64_GCC_128).

Submitted by: Emilia Kasper (Google)
 2010-08-26 14:29:55 +00:00
Bodo Möller
c94f7f657b ECC library bugfixes. 
Submitted by: Emilia Kasper (Google)
 2010-08-26 12:11:01 +00:00
Andy Polyakov
836ea45350 gcm128.c: fix typo in CRYPTO_gcm128_encrypt_ctr32 name. 2010-08-23 14:32:20 +00:00
Andy Polyakov
3fdd168ffc crypto/modes/Makefile: fix typo in ghash-parisc.s rule. 2010-08-21 11:20:25 +00:00
Dr. Stephen Henson
0b789adc67 PR: 2315 
Use consistent calculation for PSS salt length.
 2010-08-10 13:01:49 +00:00
Andy Polyakov
33d9c8348a sha1-armv4-large.pl: reschedule instructions for dual-issue pipeline. 2010-08-03 15:34:57 +00:00
Andy Polyakov
dbe3611bbd rc5_locl.h: make inline assembler clang-friendly. 2010-08-02 21:51:07 +00:00
Andy Polyakov
f71c6aceeb gcm128.c: add CRYPTO_gcm128_[en|de]crypt_ctr32. 2010-08-02 21:39:51 +00:00
Andy Polyakov
30ab7af242 md32_common.h: modify MD32_REG_T pre-processing logic [triggered by clang]. 2010-08-02 09:32:26 +00:00
Dr. Stephen Henson
2948fbab3a Fix ctr mode properly this time.... 2010-07-28 16:53:28 +00:00
Dr. Stephen Henson
081464fa14 Make ctr mode behaviour consistent with other modes. 2010-07-28 11:03:09 +00:00
Andy Polyakov
b122e482f9 alphacpuid.pl: fix brown-bag bug. 2010-07-28 08:17:15 +00:00
Ben Laurie
a7a6aade9d Missing prototype. 2010-07-27 16:34:29 +00:00
Andy Polyakov
20d171377f aes-x86_64.pl: commit#19797 was overzealous, partially reverse. 2010-07-26 22:56:07 +00:00
Andy Polyakov
149b18078e Replace alphacpuid.s with alphacpuid.pl to ensure it makes to release tar-balls. 
PR: 2309
 2010-07-26 22:04:31 +00:00
Andy Polyakov
d5fe8c3459 sha1-alpha.pl: commentary update. 2010-07-26 21:57:10 +00:00
Andy Polyakov
6219d2c294 rc4-s390x.pl: harmonize build rule with other similar rules. 2010-07-26 21:56:16 +00:00
Andy Polyakov
85e28dfa6f ghash-ia64.pl: excuse myself from implementing "528B" variant. 2010-07-26 21:54:21 +00:00
Andy Polyakov
6559b40df0 modes/Makefile: update clean rule. 2010-07-26 21:53:01 +00:00
Andy Polyakov
3d85668ba2 eng_aesni.c: switch to CRYPTO_ctr128_encrypt_ctr32. 2010-07-26 21:50:39 +00:00
Andy Polyakov
058d83cfe9 aes-x86_64.pl: remove redundant instructions. 2010-07-26 21:48:39 +00:00
Andy Polyakov
a9e790b95a perlasm/x86_64-xlate.pl: extend SSE>2 to ml64. 2010-07-26 21:45:38 +00:00
Andy Polyakov
02f358da49 aesni-x86_64.pl: fix typos. 2010-07-26 21:44:03 +00:00
Andy Polyakov
133a7f9a50 perlasm/x86asm.pl: move aesni and pclmulqdq opcodes to aesni-x86.pl and 
ghash-x86.pl.
 2010-07-26 21:42:07 +00:00
Dr. Stephen Henson
eb1c48be6f Add new type ossl_ssize_t instead of ssize_t and move definitions to 
e_os2.h, this should fix WIN32 compilation issues and hopefully avoid
conflicts with other headers which may workaround ssize_t in different ways.
 2010-07-26 18:15:59 +00:00
Dr. Stephen Henson
2fd9664b0b #if out deleted function from headers so it isn't picked up by WIN32 build 
system.
 2010-07-26 18:15:13 +00:00
Dr. Stephen Henson
aa763c0f6d WIN32 build fix. 2010-07-26 13:17:17 +00:00
Dr. Stephen Henson
843b5a250a Update symhacks. 2010-07-25 19:12:45 +00:00
Andy Polyakov
d7d119a3c9 aesni-x86[_64].pl: fine-tune, add CCM subroutine, add performance data. 2010-07-25 15:17:01 +00:00
Dr. Stephen Henson
7bbd0de88d Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(), 
this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.

Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
 2010-07-21 16:14:48 +00:00
Andy Polyakov
26064d7f77 aes-s390x.pl: revisit buffer allocation and add performance data. 2010-07-14 08:43:38 +00:00
Andy Polyakov
c981086d40 sha1-armv4-large.pl: add performance data for Cortex A8 core. 2010-07-13 14:11:44 +00:00
Andy Polyakov
2d22e08083 ARM assembler pack: reschedule instructions for dual-issue pipeline. 
Modest improvement coefficients mean that code already had some
parallelism and there was not very much room for improvement. Special
thanks to Ted Krovetz for benchmarking the code with such patience.
 2010-07-13 14:03:31 +00:00
Dr. Stephen Henson
0852f90c30 PR: 2297 
Submitted by: Antony, Benoy <bantony@ebay.com>
Approved by: steve@openssl.org

Fix bug in AES wrap code when t > 0xff.
 2010-07-09 17:26:04 +00:00
Andy Polyakov
6acb4ff389 gcm128.c: API modification and readability improvements, 
add ghash benchmark to apps/speed.c.
 2010-07-09 14:10:51 +00:00
Andy Polyakov
874a3757af Rework framework for assembler support for AES counter mode and add 
AES_ctr32_encrypt to aes-s390x.pl.
 2010-07-09 12:21:52 +00:00
Andy Polyakov
1cbdca7bf2 Harmonize s390x assembler modules with "catch-all" rules from commit#19749. 2010-07-09 12:11:12 +00:00
Andy Polyakov
e216cd6ee9 armv4-mont.pl: addenum to previous commit#19749. 2010-07-08 15:06:01 +00:00
Andy Polyakov
396df7311e crypto/*/Makefile: unify "catch-all" assembler make rules and harmonize 
ARM assembler modules.
 2010-07-08 15:03:42 +00:00
Andy Polyakov
f04f3873f8 rand_nw.c: compensate for gcc bug (using %edx instead of %eax at -O3). 
PR: 2296
 2010-07-08 09:14:00 +00:00
Andy Polyakov
7c5889bf7a sparcv9cap.c: reiterate CPU detection logic. 2010-07-08 07:47:35 +00:00
Andy Polyakov
acbcc271b1 ghash-armv4.pl: excuse myself from implementing "528B" flavour. 2010-07-02 08:14:12 +00:00
Andy Polyakov
b28750877c ghash-sparcv9.pl: fix Makefile rule and add performance data for T1. 2010-07-02 08:09:30 +00:00
Andy Polyakov
d9218e11e2 crypto/sparc*: eliminate _sparcv9_rdwrasi. 2010-07-02 08:06:56 +00:00