wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
10794 commits 20 branches 302 tags 153 MiB
Commit graph

5579 commits

Author SHA1 Message Date
Andy Polyakov
fccec89084 aesni-sha256-x86_64.pl: fix typo in Windows SEH. 
(cherry picked from commit 42386fdb62)
 2013-06-30 23:14:04 +02:00
Andy Polyakov
6c7fa27404 PA-RISC assembler pack: switch to bve in 64-bit builds. 
PR: 3074
(cherry picked from commit 02450ec69d)
 2013-06-30 23:13:23 +02:00
Andy Polyakov
e7f9c08ab8 SPARC T4 DES support: fix typo. 
(cherry picked from commit 8ee3c7e676)
 2013-06-18 11:07:24 +02:00
Andy Polyakov
03c8441b14 Optimize SPARC T4 MONTMUL support. 
Improve RSA sing performance by 20-30% by:
- switching from floating-point to integer conditional moves;
- daisy-chaining sqr-sqr-sqr-sqr-sqr-mul sequences;
- using MONTMUL even during powers table setup;
(cherry picked from commit 4ddacd9921)
 2013-06-18 11:07:16 +02:00
Ben Laurie
e887c4187e Backport single makefile from master. 2013-06-13 15:09:48 +01:00
Ben Laurie
933aee6199 Wrong include path. 2013-06-13 13:26:22 +01:00
Andy Polyakov
f00962aaf3 aesni-sha1-x86_64.pl: update performance data. 
(cherry picked from commit 3b848d3401)
 2013-06-10 22:52:06 +02:00
Andy Polyakov
3eccd2e53a aesni-sha256-x86_64.pl: harmonize with latest sha512-x86_64.pl. 
(cherry picked from commit 42b9a4177b)
 2013-06-10 22:51:55 +02:00
Andy Polyakov
fcd0e61c24 sha1-x86_64.pl: add AVX2+BMI code path. 
(cherry picked from commit cd8d7335af)
 2013-06-10 22:51:47 +02:00
Andy Polyakov
e7a02b24c1 sha512-x86_64.pl: upcoming-Atom-specific optimization. 
(cherry picked from commit c7f690c243)
 2013-06-10 22:51:31 +02:00
Andy Polyakov
cbe6bb54e6 sha[256|512]-586.pl: add more SIMD code paths. 
(cherry picked from commit 32213d8d77)
 2013-06-10 22:50:32 +02:00
Andy Polyakov
23966faca4 ghash-x86_64.pl: add Haswell performance data. 
(cherry picked from commit b42759158d)
 2013-06-10 22:50:23 +02:00
Andy Polyakov
514f1a7835 x86cpuid.pl: fix extended feature flags detection. 
(cherry picked from commit 1bc0b68d7b)
 2013-06-10 22:49:35 +02:00
Dr. Stephen Henson
af908bc48b Don't use RC2 with PKCS#12 files in FIPS mode. 
(cherry picked from commit cdb6c48445)
 2013-06-05 15:06:02 +01:00
Dr. Stephen Henson
233ebcb543 Fix PSS signature printing. 
Fix PSS signature printing: consistently use 0x prefix for hex values for
padding length and trailer fields.
(cherry picked from commit deb24ad53147f5a8dd63416224a5edd7bbc0e74a)
 2013-06-05 15:06:02 +01:00
Dr. Stephen Henson
da0c007254 Reencode with X509_CRL_ctx_sign too. 
(cherry picked from commit 96940f4f2d0300c033379a87db0ff19e598c6264)
 2013-06-05 15:06:02 +01:00
Ben Laurie
e3120586fb Missing prototypes. 2013-06-04 15:14:18 +01:00
Ben Laurie
3941aa12f1 Remove added ;. 2013-06-04 15:05:18 +01:00
Andy Polyakov
0c10cf0ad6 crypto/modes: even more strict aliasing fixes [and fix bug in cbc128.c from 
previous cbc128.c commit].
 2013-06-04 14:31:23 +01:00
Andy Polyakov
62874a5a69 cbc128.c: fix strict aliasing warning. 2013-06-04 14:30:49 +01:00
Andy Polyakov
8c1f9c56fd crypto/bn/bn_exp.c: SPARC portability fix. 
(cherry picked from commit b69437e1e5)
 2013-06-01 09:59:54 +02:00
Andy Polyakov
75063c1527 aesni-sha1-x86_64.pl: Atom-specific optimization. 
(cherry picked from commit 4df2280b4f)
 2013-05-25 19:09:47 +02:00
Andy Polyakov
5de583aa91 sha512-x86_64.pl: +16% optimization for Atom. 
(and pending AVX2 changes).
(cherry picked from commit 504bbcf3cd)
 2013-05-25 19:04:48 +02:00
Andy Polyakov
a0675d8149 vpaes-x86[_64].pl: minor Atom-specific optimization. 
(cherry picked from commit 988d11b641)
 2013-05-25 18:58:54 +02:00
Andy Polyakov
a7e9ed95ec evp/e_aes.c: engage SPARC T4 AES support [from master]. 2013-05-20 16:36:53 +02:00
Andy Polyakov
615d0edf1f evp/e_aes.c: engage AES-NI GCM stitch. 2013-05-20 16:30:21 +02:00
Andy Polyakov
e775755dec evp/evp_err.c: update from master. 2013-05-20 16:16:34 +02:00
Andy Polyakov
a1bf7de5a7 evp/e_camellia.c: engage SPARC T5 Camellia support [from master]. 2013-05-20 16:09:13 +02:00
Andy Polyakov
047c02e8db evp/e_des[3].c: engage SPARC T4 DES support. 2013-05-20 16:08:39 +02:00
Andy Polyakov
c92989d2b7 Add BN support for SPARC VIS3 and T4 [from master]. 2013-05-20 15:48:13 +02:00
Andy Polyakov
039e7875ff md5_locl.h: enable assembly support on SPARC [from master]. 2013-05-20 00:33:09 +02:00
Andy Polyakov
48b7b96bd0 sparcv9cap.c: update from master. 2013-05-20 00:16:18 +02:00
Andy Polyakov
747b7a636a Add MD5 SPARC T4 code from master. 2013-05-20 00:08:15 +02:00
Andy Polyakov
635f56fabd Add SHA SPARC T4 code from master. 2013-05-20 00:04:38 +02:00
Andy Polyakov
c617bc0054 Add Camellia SPARC T4 module from master. 2013-05-19 23:58:54 +02:00
Andy Polyakov
d215724753 Add AES SPARC T4 module from master. 2013-05-19 23:54:34 +02:00
Andy Polyakov
9c1ee1bed5 Add DES SPARC T4 module from master. 2013-05-19 23:51:22 +02:00
Andy Polyakov
14ef63c15e Add perlasm/sparcv9_modes.pl from master. 2013-05-19 23:47:38 +02:00
Andy Polyakov
5a456140c1 des_enc.m4: update from master. 2013-05-19 23:43:12 +02:00
Andy Polyakov
1ff546737b evp/Makefile: fix typo. 2013-05-19 23:11:03 +02:00
Andy Polyakov
56f0b25754 Add EVP glue to AES-NI SHA256 stich [from master]. 2013-05-19 22:35:37 +02:00
Andy Polyakov
b0f78dc018 Add AES-NI SHA256 stitch and take it into build loop [from master]. 2013-05-19 22:23:18 +02:00
Andy Polyakov
1f2d194acf aesni-sha1-x86_64.pl: update from master. 2013-05-19 22:18:52 +02:00
Andy Polyakov
aacfb2a2c6 Add AES-NI GCM stich and take it into build loop [from master]. 2013-05-19 22:06:18 +02:00
Andy Polyakov
0ba304dd31 gcm128.c: update from master (add AVX and VIS3 support). 2013-05-19 21:55:30 +02:00
Andy Polyakov
8eb2da5fbb ghash-sparcv9.pl: update from master. 2013-05-19 21:53:14 +02:00
Andy Polyakov
d1896e8ccd ghash-x86_64.pl: update from master. 2013-05-19 21:51:19 +02:00
Andy Polyakov
0edcb7a556 ghash-x86.pl: update from master. 2013-05-19 21:46:03 +02:00
Andy Polyakov
ecc2c5d81a sha512-x86_64.pl: update from master. 2013-05-19 21:36:54 +02:00
Andy Polyakov
441dec8e9f sha512-586.pl: update from master. 2013-05-19 21:36:38 +02:00
Andy Polyakov
4f566c360b sha256-598.pl: update from master. 2013-05-19 21:35:55 +02:00
Andy Polyakov
e10cd58090 sha1-x86_64.pl: update from master. 2013-05-19 21:33:04 +02:00
Andy Polyakov
5c8ae6d93e sha1-586.pl: update from master. 2013-05-19 21:32:29 +02:00
Andy Polyakov
e72f7677bf crypto/perlasm: update from master. 2013-05-19 21:27:59 +02:00
Dr. Stephen Henson
8659dc73f4 Reencode certificates in X509_sign_ctx. 
Reencode certificates in X509_sign_ctx as well as X509_sign.

This was causing a problem in the x509 application when it modified an
existing certificate.
(cherry picked from commit c6d8adb8a4)
 2013-05-02 12:24:33 +01:00
Andy Polyakov
07464787a8 crypto/modes/modes_lcl.h: let STRICT_ALIGNMENT be on ARMv7. 
While ARMv7 in general is capable of unaligned access, not all instructions
actually are. And trouble is that compiler doesn't seem to differentiate
those capable and incapable of unaligned access. Side effect is that kernel
goes into endless loop retrying same instruction triggering unaligned trap.
Problem was observed in xts128.c and ccm128.c modules. It's possible to
resolve it by using (volatile u32*) casts, but letting STRICT_ALIGNMENT
be feels more appropriate.
(cherry picked from commit 3bdd80521a)
 2013-04-13 21:19:16 +02:00
Dr. Stephen Henson
a8cc9f1873 Typo. 
(cherry picked from commit 0ded2a0689)
 2013-03-31 17:43:42 +01:00
Matt Caswell
4e5b9645e8 Make binary curve ASN.1 work in FIPS mode. 
Don't check for binary curves by checking methods: the values will
be different in FIPS mode as they are redirected to the validated module
version.
(cherry picked from commit 94782e0e9c)
 2013-03-26 16:58:29 +00:00
Dr. Stephen Henson
04347839ea enhance EC method to support setting curve type when generating keys and add parameter encoding option 
(cherry picked from commit 24edfa9df9)
 2013-03-20 15:54:05 +00:00
Andy Polyakov
2a1ab7b438 x86cpuid.pl: make it work with older CPUs. 
PR: 3005
(cherry picked from commit 5702e965d7)
 2013-03-18 19:50:09 +01:00
Andy Polyakov
dd1e4fbcc0 e_aes_cbc_hmac_sha1.c: fix rare bad record mac on AES-NI plaforms. 
PR: 3002
(cherry picked from commit 5c60046553)
 2013-03-18 19:35:20 +01:00
Dr. Stephen Henson
d7e429b91d Encode INTEGER correctly. 
If an ASN1_INTEGER structure is allocated but not explicitly set encode
it as zero: don't generate an invalid zero length INTEGER.
(cherry picked from commit 1643edc63c)
 2013-03-18 14:22:01 +00:00
Andy Polyakov
2d9be79407 x86_64-gf2m.pl: fix typo. 
(cherry picked from commit 342dbbbe4e)
 2013-03-01 22:37:53 +01:00
Andy Polyakov
2e4b7eede3 x86_64-gf2m.pl: add missing Windows build fix for #2963. 
PR: 3004
(cherry picked from commit 7c43601d44)
 2013-03-01 21:57:25 +01:00
Dr. Stephen Henson
e1dee801b9 Add function CMS_RecipientInfo_encrypt 
Add CMS_RecipientInfo_encrypt: this function encrypts an existing content
encryption key to match the key in the RecipientInfo structure: this is
useful if a new recpient is added to and existing enveloped data structure.

Add documentation.
(cherry picked from commit e1f1d28f34)
 2013-02-26 17:06:08 +00:00
Andy Polyakov
b9eef98883 bn_nist.c: work around clang 3.0 bug. 
(cherry picked from commit 750398acd8)
 2013-02-16 11:37:38 +01:00
Andy Polyakov
a3e66779d3 sparccpuid.S: work around emulator bug on T1. 
(cherry picked from commit 3caeef94bd)
 2013-02-11 10:41:22 +01:00
Andy Polyakov
82425f2c28 e_aes_cbc_hmac_sha1.c: align calculated MAC at cache line. 
It also ensures that valgring is happy.
(cherry picked from commit 2141e6f30b)
 2013-02-08 10:35:02 +01:00
Andy Polyakov
af010edd55 e_aes_cbc_hmac_sha1.c: cleanse temporary copy of HMAC secret. 
(cherry picked from commit 529d27ea47)
 2013-02-06 13:56:15 +00:00
Andy Polyakov
5966f4d973 e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues. 
Address CBC decrypt timing issues and reenable the AESNI+SHA1 stitch.
(cherry picked from commit 125093b59f)
 2013-02-06 13:56:15 +00:00
Ben Laurie
fb0a59cc58 Make CBC decoding constant time. 
This patch makes the decoding of SSLv3 and TLS CBC records constant
time. Without this, a timing side-channel can be used to build a padding
oracle and mount Vaudenay's attack.

This patch also disables the stitched AESNI+SHA mode pending a similar
fix to that code.

In order to be easy to backport, this change is implemented in ssl/,
rather than as a generic AEAD mode. In the future this should be changed
around so that HMAC isn't in ssl/, but crypto/ as FIPS expects.
(cherry picked from commit e130841bcc)
 2013-02-06 13:56:12 +00:00
Ben Laurie
f5cd3561ba Add and use a constant-time memcmp. 
This change adds CRYPTO_memcmp, which compares two vectors of bytes in
an amount of time that's independent of their contents. It also changes
several MAC compares in the code to use this over the standard memcmp,
which may leak information about the size of a matching prefix.
(cherry picked from commit 2ee798880a)
 2013-02-06 13:56:12 +00:00
Andy Polyakov
2a713eadc3 bn_word.c: fix overflow bug in BN_add_word. 
(cherry picked from commit 134c00659a)
 2013-02-02 22:37:35 +01:00
Andy Polyakov
2e7900b624 x86_64 assembly pack: keep making Windows build more robust. 
PR: 2963 and a number of others
(cherry picked from commit 4568182a8b)
 2013-02-02 19:56:43 +01:00
Dr. Stephen Henson
1db4354b53 Don't include comp.h in cmd_cd.c if OPENSSL_NO_COMP set 2013-01-23 01:11:05 +00:00
Andy Polyakov
3f233a1e77 x86_64 assembly pack: make Windows build more robust [from master]. 
PR: 2963 and a number of others
 2013-01-22 22:51:29 +01:00
Andy Polyakov
b17ffba915 bn/asm/mips.pl: hardwire local call to bn_div_words. 2013-01-22 21:16:02 +01:00
Dr. Stephen Henson
3619e34f50 Don't include comp.h if no-comp set. 2013-01-20 01:10:03 +00:00
Dr. Stephen Henson
6a10f38daa initial support for delta CRL generations by diffing two full CRLs 2013-01-17 18:51:50 +00:00
Dr. Stephen Henson
c644b83227 constify 2013-01-17 16:35:50 +00:00
Dr. Stephen Henson
75f535315a New functions to set lookup_crls callback and to retrieve internal X509_STORE 
from X509_STORE_CTX.
 2013-01-17 16:32:33 +00:00
Dr. Stephen Henson
2aa3ef78b6 print out issuer and subject unique identifier fields in certificates 2013-01-16 15:08:34 +00:00
Dr. Stephen Henson
1c0964e87f add wrapper function for certificate download 2013-01-15 18:01:54 +00:00
Dr. Stephen Henson
5c8d41be85 Generalise OCSP I/O functions to support dowloading of other ASN1 
structures using HTTP. Add wrapper function to handle CRL download.
 2013-01-15 18:01:31 +00:00
Dr. Stephen Henson
75a8ff9263 make update 2013-01-15 16:24:07 +00:00
Ben Laurie
24c45faba0 Fix some clang warnings. 2013-01-13 21:06:36 +00:00
Dr. Stephen Henson
1c25ed5dbb In FIPS mode use PKCS#8 format when writing private keys: 
traditional format uses MD5 which is prohibited in FIPS mode.
 2013-01-07 16:16:43 +00:00
Ben Laurie
72dfff2d5e Fix warning. 2013-01-06 21:03:05 +00:00
Dr. Stephen Henson
321a9fea75 make no-comp compile 2012-12-30 16:05:03 +00:00
Dr. Stephen Henson
29113688a1 Portability fix: use BIO_snprintf and pick up strcasecmp alternative 
definitions from e_os.h
 2012-12-26 23:51:41 +00:00
Dr. Stephen Henson
28fbbe3b1b Add missing prototype to x509.h 2012-12-26 16:11:10 +00:00
Dr. Stephen Henson
8d2dbe6ac0 New function X509_chain_up_ref to dup and up the reference count of 
a STACK_OF(X509): replace equivalent functionality in several places
by the equivalent call.
(backport from HEAD)
 2012-12-26 16:04:03 +00:00
Dr. Stephen Henson
ba8bdea771 add suite B chain validation flags and associated verify errors 
(backport from HEAD)
 2012-12-26 16:01:31 +00:00
Dr. Stephen Henson
3d9916298a Oops, add missing v3nametest.c 2012-12-26 15:59:57 +00:00
Dr. Stephen Henson
7d779eefb4 add ssl_locl.h to err header files, rebuild ssl error strings 
(backport from HEAD)
 2012-12-26 15:09:16 +00:00
Dr. Stephen Henson
bd9fc1d667 New functions to retrieve certificate signatures and signature OID NID. 
(backport from HEAD)
 2012-12-26 14:31:05 +00:00
Dr. Stephen Henson
2b5e5c3d08 Revert incompatible OCSP_basic_verify changes. 
Make partial chain chekcing work with EE certificates only.
Remove unneeded -trust_other option from tocsp.
(Backport from HEAD)
 2012-12-26 14:12:09 +00:00
Dr. Stephen Henson
70cd3c6b95 Integrate host, email and IP address checks into X509_verify. 
Add new verify options to set checks.

(backport from HEAD)
 2012-12-19 15:14:10 +00:00
Dr. Stephen Henson
45da1efcdb Backport X509 hostname, IP address and email checking code from HEAD. 2012-12-19 15:01:59 +00:00
Dr. Stephen Henson
54a0076e94 Check chain is not NULL before assuming we have a validated chain. The 
modification to the OCSP helper purpose breaks normal OCSP verification. It is
no longer needed now we can trust partial chains.
 2012-12-19 15:01:32 +00:00
Dr. Stephen Henson
2e65277695 Use new partial chain flag instead of modifying input parameters. 
(backport from HEAD)
 2012-12-14 14:31:16 +00:00
Dr. Stephen Henson
9a1f59cd31 New verify flag to return success if we have any certificate in the trusted 
store instead of the default which is to return an error if we can't build
the complete chain. [backport from HEAD]
 2012-12-14 14:30:46 +00:00
Ben Laurie
d65b8b2162 Backport OCSP fixes. 2012-12-14 12:53:53 +00:00
Ben Laurie
2a2e537983 Ignore more. 2012-12-13 12:43:18 +00:00
Dr. Stephen Henson
e04ccbc5cc Fix two bugs which affect delta CRL handling: 
Use -1 to check all extensions in CRLs.
Always set flag for freshest CRL.
 2012-12-06 18:24:47 +00:00
Andy Polyakov
bc946bfb97 aes-s390x.pl: fix XTS bugs in z196-specific code path [from HEAD]. 2012-12-05 17:45:09 +00:00
Andy Polyakov
c5e91a9ae9 aes-s390x.pl: harmonize software-only path [from HEAD]. 2012-12-01 11:09:13 +00:00
Dr. Stephen Henson
b5f57f455a PR: 2803 
Submitted by: jean-etienne.schwartz@bull.net

In OCSP_basic_varify return an error if X509_STORE_CTX_init fails.
 2012-11-29 19:15:27 +00:00
Andy Polyakov
ad00a52f2d Intel compiler support update from HEAD. 2012-11-28 13:12:09 +00:00
Andy Polyakov
a060fc3b8e x86_64-gcc.c: resore early clobber constraint [from HEAD]. 
Submitted by: Florian Weimer
 2012-11-19 15:02:34 +00:00
Andy Polyakov
d90bf2ab21 [vp]aes-x86[_64].pl: update from HEAD. 2012-11-12 18:11:17 +00:00
Andy Polyakov
aa963813ed linux-ppc: make it more robust [from HEAD]. 2012-10-21 18:25:29 +00:00
Dr. Stephen Henson
9a6aff50ff Don't require tag before ciphertext in AESGCM mode 2012-10-16 22:46:32 +00:00
Bodo Möller
b626f0396c Fix EC_KEY initialization race. 
Submitted by: Adam Langley
 2012-10-05 20:50:38 +00:00
Dr. Stephen Henson
9d2006d8ed add -trusted_first option and verify flag (backport from HEAD) 2012-09-26 13:50:42 +00:00
Bodo Möller
abf1e32f2f Fix Valgrind warning. 
Submitted by: Adam Langley
 2012-09-24 19:49:25 +00:00
Andy Polyakov
988037fe18 MIPS assembly pack: jumbo update from HEAD. 2012-09-19 20:59:18 +00:00
Bodo Möller
9a7f80c869 Fix warning. 
Submitted by: Chromium Authors
 2012-09-17 17:23:43 +00:00
Andy Polyakov
507e5c3a61 e_aes.c: uninitialized variable in aes_ccm_init_key [from HEAD]. 
PR: 2874
Submitted by: Tomas Mraz
 2012-09-15 08:46:08 +00:00
Andy Polyakov
d46a1a6178 bn_lcl.h: gcc removed support for "h" constraint, which broke inline 
assembler [from HEAD].
 2012-09-01 13:21:24 +00:00
Andy Polyakov
3ebe87473c x86cpuid.pl: hide symbols [backport from x86_64, from HEAD]. 2012-08-29 14:24:18 +00:00
Andy Polyakov
0e05b51fe5 Add linux-x32 target [from HEAD]. 2012-08-29 14:12:10 +00:00
Dr. Stephen Henson
c759e453bc PR: 2786 
Reported by: Tomas Mraz <tmraz@redhat.com>

Treat a NULL value passed to drbg_free_entropy callback as non-op. This
can happen if the call to fips_get_entropy fails.
 2012-08-22 22:43:03 +00:00
Andy Polyakov
40ce8fca73 sha1-armv4-large.pl: comply with ABI [from HEAD]. 2012-08-17 19:58:34 +00:00
Andy Polyakov
8e1c33e160 MIPS assembly pack updates from HEAD. 2012-08-17 09:41:30 +00:00
Andy Polyakov
13b0cae256 aes-mips.pl: harmonize with fips module. 
PR: 2863
Submitted by: Duane Sand
 2012-08-17 09:03:57 +00:00
Andy Polyakov
ae92994645 bss_dgram.c: fix compilation failure and warning on Windows with 
contemporary SDK [from HEAD].
 2012-08-14 09:53:41 +00:00
Andy Polyakov
f0a069c1a2 gcm128.c: fix AAD-only case with AAD length not divisible by 16 [from HEAD]. 
PR: 2859
Submitted by: John Foley
 2012-08-13 15:31:10 +00:00
Dr. Stephen Henson
5b4b9ce976 Don't ignore (!) reference count in X509_STORE_free. 2012-07-19 12:48:02 +00:00
Dr. Stephen Henson
7fbcc2f24a type 2012-07-13 11:17:56 +00:00
Richard Levitte
e4be79a383 Add the missing dh_rfc5114 and evp_cnf. 2012-07-05 13:00:45 +00:00
Richard Levitte
658604473f Added aliases for symbols longer than 31 chars. 2012-07-05 09:08:18 +00:00
Richard Levitte
86bea6455c remove duplicate symbol in crypto/symhacks.h 
Have the new names start in column 48, that makes it easy to see when
the 31 character limit is reached (on a 80 column display, do the math)
 2012-07-05 08:53:43 +00:00
Dr. Stephen Henson
1e4a6e7b7f add missing evp_cnf.c file 2012-07-04 13:14:44 +00:00
Andy Polyakov
fd6a72fa1c crypto/bn/*.h: move PTR_SIZE_INT to private header [from HEAD]. 2012-07-04 08:51:44 +00:00
Dr. Stephen Henson
74d89b0d93 PR: 2840 
Reported by: David McCullough <david_mccullough@mcafee.com>

Restore fips configuration module from 0.9.8.
 2012-07-03 20:20:11 +00:00
Andy Polyakov
5b7af6de43 bn_nist.c: harmonize buf in BN_nist_mod_256 with other mod functions and 
compensate for VC buf [from HEAD].

PR: 2837
 2012-07-02 14:38:22 +00:00
Andy Polyakov
ae414a0e42 bss_dgram.c: fix typos in Windows code [from HEAD]. 2012-07-01 09:12:03 +00:00
Andy Polyakov
8b654459be x86_64 assembly pack: make it possible to compile with Perl located 
on path with spaces [from HEAD].

PR: 2835
 2012-06-27 12:48:50 +00:00
Andy Polyakov
3e8b4b5055 bss_dgram.c: add BIO_CTRL_DGRAM_SET_DONT_FRAG, fix bugs [from HEAD]. 
PR: 2830, 2833
 2012-06-19 12:28:47 +00:00
Dr. Stephen Henson
e51ec51af9 revert more "version skew" changes that break FIPS builds 2012-06-10 23:02:06 +00:00
Dr. Stephen Henson
ff1c55e983 Revert "version skew" patches that break FIPS compilation 2012-06-09 23:36:38 +00:00
Ben Laurie
ff46820da6 Version skew reduction. 2012-06-06 12:41:46 +00:00
Andy Polyakov
6fba65e20d x86gas.pl: update from HEAD. 2012-06-04 22:14:25 +00:00
Ben Laurie
68d2cf51bc Reduce version skew: trivia (I hope). 2012-06-03 22:03:37 +00:00
Ben Laurie
0de5a0feee Work around macro issue with FreeBSD and gcc 4.6. 2012-05-18 12:40:28 +00:00
Andy Polyakov
67fda0c12e ppccap.c: assume no features under 32-bit AIX kernel [from HEAD]. 
PR: 2810
 2012-05-16 18:18:14 +00:00
Dr. Stephen Henson
1dded7f7e8 Experimental multi-implementation support for FIPS capable OpenSSL. 
When in FIPS mode the approved implementations are used as normal,
when not in FIPS mode the internal unapproved versions are used instead.
This means that the FIPS capable OpenSSL isn't forced to use the
(often lower perfomance) FIPS implementations outside FIPS mode.
 2012-05-13 18:40:12 +00:00
Dr. Stephen Henson
482f238069 PR: 2813 
Reported by: Constantine Sapuntzakis <csapuntz@gmail.com>

Fix possible deadlock when decoding public keys.
 2012-05-11 13:53:23 +00:00
Dr. Stephen Henson
24547c23ca Reported by: Solar Designer of Openwall 
Make sure tkeylen is initialised properly when encrypting CMS messages.
 2012-05-10 13:44:24 +00:00
Andy Polyakov
95416ce5b3 ppccpuid.pl: branch hints in OPENSSL_cleanse impact small block performance 
of digest algorithms, mosty SHA, on Power7. Mystery of century, why SHA,
why slower algorithm are affected more... [from HEAD].
PR: 2794
Submitted by: Ashley Lai
 2012-04-27 20:19:23 +00:00
Andy Polyakov
8e7ccf6ff7 objxref.pl: improve portability [from HEAD]. 2012-04-22 21:19:41 +00:00
Dr. Stephen Henson
51b77c0337 correct error code 2012-04-22 13:31:19 +00:00
Dr. Stephen Henson
1cc8410e36 PR: 2239 
Submitted by: Dominik Oepen <oepen@informatik.hu-berlin.de>

Add Brainpool curves from RFC5639.

Original patch by Annie Yousar <a.yousar@informatik.hu-berlin.de>
 2012-04-22 13:11:48 +00:00
Andy Polyakov
6ca7af9ec0 e_rc4_hmac_md5.c: reapply commit#21726, which was erroneously omitted [from 1.0.1]. 
PR: 2797, 2792
 2012-04-20 21:45:21 +00:00
Dr. Stephen Henson
bc2c8efc80 call OPENSSL_init when calling FIPS_mode too 2012-04-20 14:43:14 +00:00
Dr. Stephen Henson
00bb875240 make ciphers work again for FIPS builds 2012-04-20 00:08:32 +00:00
Andy Polyakov
c3cb563d87 e_rc4_hmac_md5.c: last commit was inappropriate for non-x86[_64] platforms 
[from HEAD].
PR: 2792
 2012-04-19 20:42:24 +00:00
Dr. Stephen Henson
564a503b1b Check for potentially exploitable overflows in asn1_d2i_read_bio 
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.

Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
 2012-04-19 16:19:07 +00:00
Dr. Stephen Henson
068fc255ac only call FIPS_cipherinit in FIPS mode 2012-04-18 22:42:06 +00:00
Andy Polyakov
cc8f2fb917 e_rc4_hmac_md5.c: update from HEAD, fixes crash on legacy Intel CPUs. 
PR: 2792
 2012-04-18 17:51:26 +00:00
Dr. Stephen Henson
b583ebb7dd recognise X9.42 DH certificates on servers 2012-04-18 17:03:45 +00:00
Andy Polyakov
f6a1939f0f OPENSSL_NO_SOCK fixes [from HEAD]. 
PR: 2791
Submitted by: Ben Noordhuis
 2012-04-16 17:43:02 +00:00
Andy Polyakov
94c666479d Minor compatibility fixes [from HEAD]. 
PR: 2790
Submitted by: Alexei Khlebnikov
 2012-04-16 17:35:48 +00:00
Andy Polyakov
eb8a65db16 e_aes_cbc_hmac_sha1.c: handle zero-length payload and engage empty frag 
countermeasure [from HEAD].

PR: 2778
 2012-04-15 14:23:26 +00:00
Andy Polyakov
e6255a7d1e s390x asm pack: fix typos. 2012-04-12 06:46:49 +00:00
Dr. Stephen Henson
65331f225a oops, macro not present in OpenSSL 1.0.2 2012-04-11 15:10:48 +00:00
Dr. Stephen Henson
64e8dc7981 fix reset fix 2012-04-11 15:05:33 +00:00
Dr. Stephen Henson
737fe7ea29 make reinitialisation work for CMAC 2012-04-11 12:26:27 +00:00
Andy Polyakov
bc0f56d6d7 aes-s390x.pl: fix crash in AES_set_decrypt_key in linux32-s390x build [from HEAD]. 2012-04-09 15:12:30 +00:00
Dr. Stephen Henson
c3cb069108 transparently handle X9.42 DH parameters 
(backport from HEAD)
 2012-04-07 20:42:44 +00:00
Dr. Stephen Henson
491734eb21 Initial experimental support for X9.42 DH parameter format to handle 
RFC5114 parameters and X9.42 DH public and private keys.
(backport from HEAD)
 2012-04-07 20:22:11 +00:00
Dr. Stephen Henson
4e891a191d branches: 1.2.2; 
Correct some parameter values.
(backport from HEAD)
 2012-04-07 17:41:51 +00:00
Dr. Stephen Henson
b73a69a9c2 Update DH_check() to peform sensible checks when q parameter is present. 
(backport from HEAD)
 2012-04-07 17:40:08 +00:00
Dr. Stephen Henson
e811eff5a9 Add RFC5114 DH parameters to OpenSSL. Add test data to dhtest. 
(backport from HEAD)
 2012-04-07 12:19:50 +00:00
Dr. Stephen Henson
a068a1d0e3 Add new APIs EC_curve_nist2nid and EC_curve_nid2nist which convert 
between NIDs and the more common NIST names such as "P-256". Enhance
ecparam utility and ECC method to recognise the NIST names for curves.
(backport from HEAD)
 2012-04-06 17:35:01 +00:00
Dr. Stephen Henson
0cb9dbed4e Backport: allow key agreement in SSL/TLS certificates (from HEAD) 2012-04-06 11:36:35 +00:00
Andy Polyakov
8cd2ea552e aes-armv4.pl: make it more foolproof [inspired by aes-s390x.pl in 1.0.1]. 2012-04-05 08:32:08 +00:00
Andy Polyakov
3f0becbf75 aes-s390x.pl: fix endless loop in linux32-s390x build [from 1.0.1]. 2012-04-05 08:17:47 +00:00
Andy Polyakov
7b087bf4a9 modes_lcl.h: make it work on i386 [from HEAD]. 
PR: 2780
 2012-03-31 17:03:43 +00:00
Andy Polyakov
9df9c9d102 vpaes-x86[_64].pl: handle zero length in vpaes_cbc_encrypt [from HEAD]. 
PR: 2775
 2012-03-31 16:55:34 +00:00
Andy Polyakov
265863c6a4 bn/bn_gf2m.c: make new BN_GF2m_mod_inv work with BN_DEBUG_RAND [from HEAD]. 2012-03-30 17:41:00 +00:00
Andy Polyakov
2fee1e0666 ans1/tasn_prn.c: avoid bool in variable names [from HEAD]. 
PR: 2776
 2012-03-29 19:11:59 +00:00
Andy Polyakov
b4ff166cbc perlasm/x86masm.pl: fix last fix [from HEAD]. 2012-03-29 19:11:08 +00:00
Dr. Stephen Henson
861a0722c2 fix leak 2012-03-22 16:28:21 +00:00
Dr. Stephen Henson
b1cef8d984 Submitted by: Markus Friedl <mfriedl@gmail.com> 
Fix memory leaks in 'goto err' cases.
 2012-03-22 15:43:28 +00:00
Dr. Stephen Henson
b911523977 set version to 1.0.2-dev 2012-03-22 15:29:21 +00:00
Andy Polyakov
d68d160cb7 bsaes-x86_64.pl: optimize key conversion [from HEAD]. 2012-03-16 21:45:51 +00:00
Dr. Stephen Henson
f3dcae15ac prepare for 1.0.1 release 2012-03-14 12:04:40 +00:00
Andy Polyakov
bcf9cf89e7 x86_64-xlate.pl: remove old kludge. 
PR: 2435,2440
 2012-03-13 19:19:31 +00:00
Dr. Stephen Henson
f0729fc3e0 corrected fix to PR#2711 and also cover mime_param_cmp 2012-03-12 16:29:47 +00:00
Dr. Stephen Henson
8186c00ef3 Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and 
continue with symmetric decryption process to avoid leaking timing
information to an attacker.

Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
 2012-03-12 16:27:50 +00:00
Dr. Stephen Henson
66fdb1c0d4 check return value of BIO_write in PKCS7_decrypt 2012-03-08 14:02:51 +00:00
Dr. Stephen Henson
25bfdca16a PR: 2755 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Reduce MTU after failed transmissions.
 2012-03-06 13:47:27 +00:00
Richard Levitte
70505bc334 For OpenVMS, use inttypes.h instead of stdint.h 2012-03-01 21:29:16 +00:00
Dr. Stephen Henson
a8595879ec PR: 2742 
Reported by: Dmitry Belyavsky <beldmit@gmail.com>

If resigning with detached content in CMS just copy data across.
 2012-02-29 14:01:53 +00:00
Dr. Stephen Henson
33a688e806 Fix memory leak cause by race condition when creating public keys. 
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
 2012-02-28 14:47:16 +00:00
Andy Polyakov
5c2bfad9b4 x86cpuid.pl: fix processor capability detection on pre-586 [from HEAD]. 2012-02-28 14:20:34 +00:00
Dr. Stephen Henson
250f979237 PR: 2736 
Reported by: Remi Gacogne <rgacogne-bugs@coredump.fr>

Preserve unused bits value in non-canonicalised ASN1_STRING structures
by using ASN1_STRING_copy which preseves flags.
 2012-02-27 18:45:18 +00:00
Dr. Stephen Henson
b527b6e8ff PR: 2737 
Submitted by: Remi Gacogne <rgacogne-bugs@coredump.fr>

Fix double free in PKCS12_parse if we run out of memory.
 2012-02-27 16:46:45 +00:00