Commit graph

312 commits

Author SHA1 Message Date
Andy Polyakov
8cfb6411ff engines/cchost/gost_crypt.c: fix typo. 2012-12-19 11:06:00 +00:00
Andy Polyakov
2c0093d294 engines/e_capi.c: fix typo.
Submitted by: Pierre Delaage
2012-12-19 10:54:47 +00:00
Andy Polyakov
947e129219 engine/cchost: fix bugs.
PR: 2821
Submitted by: Dmitry Belyavsky, Serguei Leontiev
2012-12-19 10:45:13 +00:00
Dr. Stephen Henson
c4fc172240 PR: 2880
Submitted by: "Florian Rüchel" <florian.ruechel@ruhr-uni-bochum.de>

Correctly handle local machine keys in the capi ENGINE.
2012-11-18 15:24:37 +00:00
Dr. Stephen Henson
d21bf10dea Don't load GOST ENGINE if it is already loaded.
Multiple copies of the ENGINE will cause problems when it is cleaned up as
the methods are stored in static structures which will be overwritten and
freed up more than once.

Set static methods to NULL when the ENGINE is freed so it can be reloaded.
2012-09-01 11:30:53 +00:00
Andy Polyakov
99e59d634a gosthash.c: use memmove in circle_xor8, as input pointers can be equal.
PR: 2858
2012-08-13 16:36:51 +00:00
Andy Polyakov
6251989eb6 x86_64 assembly pack: make it possible to compile with Perl located on
path with spaces.

PR: 2835
2012-06-27 10:08:23 +00:00
Ben Laurie
71fa451343 Version skew reduction: trivia (I hope). 2012-06-03 22:00:21 +00:00
Andy Polyakov
ed998634cd e_padlock-x86[_64].pl: better understanding of prefetch errata and proper
workaround.
2012-03-19 20:23:32 +00:00
Andy Polyakov
884c580e05 eng_all.c: revert previous "disable Padlock" commit, which was unjustified. 2012-03-19 20:20:41 +00:00
Dr. Stephen Henson
174b07be93 PR: 2744
Submitted by: Dmitry Belyavsky <beldmit@gmail.com>

CMS support for ccgost engine
2012-03-11 13:40:17 +00:00
Dr. Stephen Henson
797a2a102d PR: 2743
Reported by: Dmitry Belyavsky <beldmit@gmail.com>

Fix memory leak if invalid GOST MAC key given.
2012-02-29 14:13:00 +00:00
Dr. Stephen Henson
e626c77808 PR: 2703
Submitted by: Alexey Melnikov <alexey.melnikov@isode.com>

Fix some memory and resource leaks in CAPI ENGINE.
2012-02-11 23:13:10 +00:00
Dr. Stephen Henson
da2a5a79ef PR: 2705
Submitted by: Alexey Melnikov <alexey.melnikov@isode.com>

Only create ex_data indices once for CAPI engine.
2012-02-11 23:08:08 +00:00
Andy Polyakov
a50bce82ec Sanitize usage of <ctype.h> functions. It's important that characters
are passed zero-extended, not sign-extended.
PR: 2682
2012-01-12 16:21:35 +00:00
Dr. Stephen Henson
6bf896d9b1 Check GOST parameters are not NULL (CVE-2012-0027) 2012-01-04 23:03:40 +00:00
Ben Laurie
b9ef708e40 Padlock engine doesn't build (the asm parts are not built for some reason),
so remove for now.
2011-12-13 15:56:40 +00:00
Andy Polyakov
dce7f142a6 Configure: reimplement commit#21695. 2011-11-15 12:32:18 +00:00
Ben Laurie
ae55176091 Fix some warnings caused by __owur. Temporarily (I hope) remove the more
aspirational __owur annotations.
2011-11-14 00:36:10 +00:00
Andy Polyakov
f9542a4231 engines/: get rid of cvs warnings on MacOS X, proper clean in ccgost. 2011-11-12 12:13:13 +00:00
Bodo Möller
f391750205 "make update" (partial) 2011-10-19 15:29:14 +00:00
Andy Polyakov
5d77cdc591 engines/.cvsignore: stop whining about e_padlock-*.s. 2011-10-18 13:39:47 +00:00
Andy Polyakov
6c8ce3c2ff e_padlock-x86[_64].pl: protection against prefetch errata. 2011-10-11 21:07:53 +00:00
Andy Polyakov
b1d3e9de63 e_padlock-x86_64.pl: brown-bag bug in stack pointer handling. 2011-10-09 21:53:53 +00:00
Andy Polyakov
08d62e9f1a e_padlock-x86[_64].pl: SHA fixes, comply with specification and fix bug. 2011-10-08 21:37:44 +00:00
Andy Polyakov
50452b2e60 e_padlock: add CTR mode. 2011-10-05 17:03:44 +00:00
Andy Polyakov
d18762f7c9 e_padlock-x86_64.pl: fix typo. 2011-10-04 11:21:33 +00:00
Andy Polyakov
149ca7128c e_padlock-x86*.pl: Nano-related update. 2011-10-04 11:05:16 +00:00
Andy Polyakov
04c3aa5c1a e_padlock-x86.pl: previous C3-specific fix was incomplete. 2011-10-01 10:44:51 +00:00
Andy Polyakov
3edc26a256 e_padlock-x86.pl: make it work on VIA C3 (which doesn't support SSE2). 2011-10-01 10:16:13 +00:00
Andy Polyakov
2b1f17f83f Make latest assembler additions (vpaes and e_padlock) work in Windows build. 2011-09-18 15:40:11 +00:00
Andy Polyakov
33987f2f45 engines/asm/e_padlock-x86_64.pl: name it right and fix small bug. 2011-09-06 22:53:34 +00:00
Andy Polyakov
ed28aef8b4 Padlock engine: make it independent of inline assembler. 2011-09-06 20:45:36 +00:00
Dr. Stephen Henson
f7924634d4 PR: 2586
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Zero structure fields properly.
2011-09-01 13:45:46 +00:00
Dr. Stephen Henson
d3f6a5a01d PR: 2586
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Fix brace mismatch.
2011-09-01 13:37:37 +00:00
Andy Polyakov
87f6b97e89 e_padlock.c: fix typo. 2011-05-25 10:02:20 +00:00
Andy Polyakov
67d8487bb8 e_padlock.c: last x86_64 commit didn't work with some optimizers. 2011-05-24 17:18:19 +00:00
Andy Polyakov
b50842036f e_padlock.c: make it compile on MacOS X. 2011-05-18 16:21:54 +00:00
Dr. Stephen Henson
b9b0a177f8 new flag to stop ENGINE methods being registered 2011-05-15 15:56:49 +00:00
Dr. Stephen Henson
9609ea869d NULL is a valid cspname 2011-05-15 11:44:14 +00:00
Richard Levitte
3a660e7364 Corrections to the VMS build system.
Submitted by Steven M. Schweda <sms@antinode.info>
2011-03-25 16:20:35 +00:00
Richard Levitte
4ec3e8ca51 For VMS, implement the possibility to choose 64-bit pointers with
different options:
"64"		The build system will choose /POINTER_SIZE=64=ARGV if
		the compiler supports it, otherwise /POINTER_SIZE=64.
"64="		The build system will force /POINTER_SIZE=64.
"64=ARGV"	The build system will force /POINTER_SIZE=64=ARGV.
2011-03-25 09:40:48 +00:00
Richard Levitte
537c982306 After some adjustments, apply the changes OpenSSL 1.0.0d on OpenVMS
submitted by Steven M. Schweda <sms@antinode.info>
2011-03-19 10:58:14 +00:00
Dr. Stephen Henson
a3654f0586 Include openssl/crypto.h first in several other files so FIPS renaming
is picked up.
2011-02-16 17:25:01 +00:00
Bodo Möller
9d0397e977 make update 2011-02-03 10:17:53 +00:00
Dr. Stephen Henson
eb164d0b12 stop warnings about no previous prototype when compiling shared engines 2011-01-30 01:30:48 +00:00
Richard Levitte
5b301b2fe3 PR: 2407
Fix fault include.
Submitted by Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>
2011-01-06 20:56:02 +00:00
Andy Polyakov
c329c6bac7 e_capi.c: rearrange #include-s to improve portability.
PR: 2394
2010-12-14 20:39:17 +00:00
Richard Levitte
b7ef916c38 First attempt at adding the possibility to set the pointer size for the builds on VMS.
PR: 2393
2010-12-14 19:19:04 +00:00
Andy Polyakov
cc4c230653 e_capi.c: change from ANSI to TCHAR domain. This makes it compilable on
Windows CE/Mobile, yet keeps it normal Windows loop.
PR: 2350
2010-12-12 20:26:09 +00:00
Richard Levitte
c8f0610d99 Synchronise with Unix and do all other needed modifications to have it
build on VMS again.
2010-11-22 22:04:41 +00:00
Dr. Stephen Henson
9ac0708f37 PR: 2375
Submitted by: Guenter <lists@gknw.net>
Reviewed by: steve

cleanup/fix e_aep.c for OpenWatcom
2010-11-18 23:00:02 +00:00
Dr. Stephen Henson
6b02f9fafb PR: 2374
Submitted by: Guenter <lists@gknw.net>
Reviewed by: steve

Don't compile capi ENGINE on mingw32
2010-11-18 22:57:02 +00:00
Andy Polyakov
f2c88f5282 engine/Makefile: harmonize engine install rule for .dylib extension on MacOS X.
PR: 2319
2010-08-24 21:45:41 +00:00
Ben Laurie
c8bbd98a2b Fix warnings. 2010-06-12 14:13:23 +00:00
Dr. Stephen Henson
19a45b8d47 Avoid use of ex_data free function in Chil ENGINE so it can be safely
reloaded.
2010-05-26 16:17:16 +00:00
Dr. Stephen Henson
ae7c67cace PR: 2254
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org

Check for <= 0 i2d return value.
2010-05-22 00:40:38 +00:00
Dr. Stephen Henson
e855d538de PR: 2255
Submitted By: Ger Hobbelt <ger@hobbelt.com>

Place RSA dependent variable under #ifndef OPENSSL_NO_RSA
2010-05-15 00:19:44 +00:00
Dr. Stephen Henson
5d1a50ac2a fix bug in ccgost CFB mode code 2010-04-14 00:33:06 +00:00
Dr. Stephen Henson
af73b08ac0 check ASN1 type before using it 2010-04-14 00:30:32 +00:00
Dr. Stephen Henson
172f6b2d62 make GOST MAC work again 2010-04-08 10:55:04 +00:00
Dr. Stephen Henson
f2e8488b85 initialise buf if wrong_info not used 2010-03-24 23:42:05 +00:00
Andy Polyakov
82f385d71d e_capi.c: fix typo. 2010-03-15 22:28:48 +00:00
Dr. Stephen Henson
6c6bdd543d workaround for missing definition in some headers 2010-03-15 13:10:08 +00:00
Dr. Stephen Henson
00947cea0c PR: 2192
Submitted By: Jaroslav Imrich <jaroslav.imrich@disig.sk>

The prompt_info and wrong_info parameters can be empty strings which
can produce confusing prompts. Treat empty string same as NULL.
2010-03-12 12:48:32 +00:00
Bodo Möller
2d9dcd4ff0 Always check bn_wexpend() return values for failure (CVE-2009-3245).
(The CHANGES entry covers the change from PR #2111 as well, submitted by
Martin Olsson.)

Submitted by: Neel Mehta
2010-02-23 10:36:35 +00:00
Dr. Stephen Henson
439aab3afc Submitted by: Dmitry Ivanov <vonami@gmail.com>
Don't leave dangling pointers in GOST engine if calls fail.
2010-02-16 14:30:29 +00:00
Richard Levitte
407a410136 Have the VMS build system catch up with the 1.0.0-stable branch. 2010-01-27 09:18:42 +00:00
Richard Levitte
c8c07be883 size_t doesn't compare less than zero... 2010-01-27 01:18:21 +00:00
Dr. Stephen Henson
d5e8d8b547 PR: 2141
Submitted by: "NARUSE, Yui" <naruse@airemix.jp>

Remove non-ASCII comment which causes compilation errors on some versions
of VC++.
2010-01-19 19:28:18 +00:00
Dr. Stephen Henson
72a9776abc PR: 2135
Submitted by: Mike Frysinger <vapier@gentoo.org>

Change missed references to lib to $(LIBDIR)
2010-01-16 20:05:59 +00:00
Andy Polyakov
f87e307875 Adapt mingw config for newer mingw environment. Note modified conditional
compilation in e_capi.c.
PR: 2113
2009-12-30 11:46:54 +00:00
Bodo Möller
8580f8015f Use properly local variables for thread-safety.
Submitted by: Martin Rex
2009-12-22 11:52:17 +00:00
Dr. Stephen Henson
0f6e21385e PR: 1686
Submitted by: Hanno Böck <hanno@hboeck.de>
Approved by: steve@openssl.org

Create engines dir if it doesn't already exist.
2009-11-10 01:52:41 +00:00
Dr. Stephen Henson
4a1b71fb0c PR: 2070
Submitted by: Alexander Nikitovskiy <Nikitovski@ya.ru>
Approved by: steve@openssl.org

Fix wrong cast.
2009-10-19 13:16:01 +00:00
Dr. Stephen Henson
a0b3e0de6c Fixup sureware ENGINE to handle new RAND_METHOD 2009-09-23 23:49:04 +00:00
Dr. Stephen Henson
6727565a84 PR: 2003
Make it possible to install OpenSSL in directories with name other
than "lib" for example "lib64". Based on patch from Jeremy Utley.
2009-08-10 14:48:40 +00:00
Dr. Stephen Henson
c55d27ac33 Make update. 2009-07-08 09:19:53 +00:00
Dr. Stephen Henson
9458530d45 Update from 1.0.0-stable 2009-07-01 11:29:25 +00:00
Dr. Stephen Henson
f0288f05b9 Submitted by: Artem Chuprina <ran@cryptocom.ru>
Reviewed by: steve@openssl.org

Various GOST ciphersuite and ENGINE fixes. Including...

Allow EVP_PKEY_set_derive_peerkey() in encryption operations.

New flag when certificate verify should be omitted in client key exchange.
2009-06-16 16:38:47 +00:00
Dr. Stephen Henson
512cab0128 Fix error codes. 2009-06-15 11:18:31 +00:00
Dr. Stephen Henson
0b36857866 Update from 0.9.8-stable. 2009-05-29 14:02:57 +00:00
Richard Levitte
cc8cc9a3a1 Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda).
Thank you\!
(note: not tested for now, a few nightly builds should give indications though)
2009-05-15 16:36:56 +00:00
Andy Polyakov
3dccfc1e68 e_padlock.c: fix typo (missing #endif) and switch to __builtin_alloca
(with introduction of 64-bit support alloca must be  declared and there
is no standard way of doing that, switching to __bultin_alloca is
considered appropriate because code explicitly targets gcc anyway).
2009-05-12 20:19:09 +00:00
Dr. Stephen Henson
8002e3073b Typo. 2009-05-07 16:40:52 +00:00
Richard Levitte
7da74281d2 Do not try to link the support file(s), as they aren't a complete
engine ;-)
2009-05-06 13:56:50 +00:00
Richard Levitte
e6b0c0007f Make sure the padlock code compiles correctly even on hardware that
doesn't have padlocks.
2009-05-06 13:55:40 +00:00
Andy Polyakov
01483c269e Make CAPI engine UNICODE aware (it didn't work on Win64). 2009-05-03 13:52:01 +00:00
Richard Levitte
f8a2233457 Stupid typo 2009-04-28 12:48:02 +00:00
Richard Levitte
876708c67d Add padlock data
Redo the loop so it really compiles all objects for one engine, then
links the engine (until now, it still thought every file was an engine
of its own...).
2009-04-27 00:04:33 +00:00
Dr. Stephen Henson
d4f0339c66 Update from 1.0.0-stable. 2009-04-26 22:18:22 +00:00
Andy Polyakov
127186bf57 e_padlock: add support for x86_64 gcc. 2009-04-26 18:14:58 +00:00
Richard Levitte
d2617165ad Add local symbol hacks for OpenVMS 2009-04-26 12:26:00 +00:00
Dr. Stephen Henson
ef236ec3b2 Merge from 1.0.0-stable branch. 2009-04-23 16:32:42 +00:00
Dr. Stephen Henson
8711efb498 Updates from 1.0.0-stable branch. 2009-04-20 11:33:12 +00:00
Dr. Stephen Henson
e5fa864f62 Updates from 1.0.0-stable. 2009-04-15 15:27:03 +00:00
Dr. Stephen Henson
14023fe352 Merge from 1.0.0-stable branch. 2009-04-03 11:45:19 +00:00
Dr. Stephen Henson
70b2186e24 Stop warnings. 2009-03-31 19:54:51 +00:00
Dr. Stephen Henson
b6af2c7e3e Submitted by: "Victor B. Wagner" <vitus@cryptocom.ru>
Reviewed by: steve@openssl.org

Update ccgost engine to support parameter files.
2009-03-17 15:38:34 +00:00
Dr. Stephen Henson
2c618ab993 Submitted by: "Victor B. Wagner" <vitus@cryptocom.ru>
Reviewed by: steve@openssl.org

Change default Gost parameter set to id_Gost28147_89_CryptoPro_A_ParamSet
2009-02-16 21:52:01 +00:00