Dr. Stephen Henson
61cdb9f36a
Backport GCM support from HEAD. Minimal support at present: no assembly
...
language optimisation. [original by Andy]
2011-08-04 11:12:38 +00:00
Dr. Stephen Henson
1acd042c85
fix memory leak
2011-08-03 16:40:14 +00:00
Dr. Stephen Henson
572712d82a
recognise ecdsaWithSHA1 OID
2011-07-28 14:42:53 +00:00
Dr. Stephen Henson
d1697a7556
Disable rsax for Windows: it doesn't currently work.
2011-07-25 23:45:49 +00:00
Dr. Stephen Henson
c8c6e9ecd9
Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support and
...
prohibit use of these ciphersuites for TLS < 1.2
2011-07-25 21:45:17 +00:00
Andy Polyakov
90f3e4cf05
Back-port TLS AEAD framework [from HEAD].
2011-07-21 19:22:57 +00:00
Dr. Stephen Henson
7bd8bf58bb
stop warnings
2011-07-21 13:45:17 +00:00
Andy Polyakov
1190d3f442
Add RSAX builtin engine [from HEAD].
2011-07-20 21:51:33 +00:00
Dr. Stephen Henson
0e4f5cfbab
PR: 2559
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS socket error bug
2011-07-20 15:22:02 +00:00
Dr. Stephen Henson
f1c8db9f8c
PR: 2555
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS sequence number bug
2011-07-20 15:17:42 +00:00
Dr. Stephen Henson
2c9abbd554
PR: 2550
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS HelloVerifyRequest Timer bug
2011-07-20 15:13:43 +00:00
Dr. Stephen Henson
2305ae5d8c
PR: 2556 (partial)
...
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de>
Reviewed by: steve
Fix OID routines.
Check on encoding leading zero rejection should start at beginning of
encoding.
Allow for initial digit when testing when to use BIGNUMs which can increase
first value by 2 * 40.
2011-07-14 12:01:36 +00:00
Andy Polyakov
dec54bd0ba
ms/uplink.c: fix Visual Studio 2010 warning [from HEAD].
2011-07-13 14:54:56 +00:00
Andy Polyakov
aade369737
config: config: detect if assembler supports --noexecstack and pass it down
...
[from HEAD].
2011-07-13 14:25:22 +00:00
Andy Polyakov
2a5e042c70
perlasm/cbc.pl: fix tail processing bug [from HEAD].
...
PR: 2557
2011-07-13 06:22:46 +00:00
Bodo Möller
1dc4c8c727
Fix typo.
...
Submitted by: Jim Morrison
2011-07-11 12:13:56 +00:00
Dr. Stephen Henson
7ca035db88
Update ordinals.
2011-07-08 12:12:30 +00:00
Andy Polyakov
a460c42f94
x86_64-xlate.pl: update from HEAD.
2011-07-04 13:11:55 +00:00
Andy Polyakov
d16743e728
sha1-x86_64.pl: nasm-related update from HEAD.
2011-07-04 13:01:42 +00:00
Andy Polyakov
4a29fa8caf
sha1-x86_64.pl: fix win64-specific typos and add masm support [from HEAD].
2011-07-01 21:24:39 +00:00
Andy Polyakov
250bb54dba
x86_64-xlate.pl: masm-specific update.
2011-07-01 21:22:13 +00:00
Dr. Stephen Henson
847d05d0b4
No need for trailing slash any more.
2011-07-01 14:15:02 +00:00
Dr. Stephen Henson
8315aa03fc
Fix assembly language function renaming so it works on WIN64.
2011-07-01 14:13:52 +00:00
Andy Polyakov
b7a4c480d6
Configure: add aesni-x86_64.o to VC-WIN64A line.
2011-06-28 18:20:25 +00:00
Andy Polyakov
9a35faaa29
rc4-x86[_64].pl: back-sync with original 1.0.1.
2011-06-28 15:04:31 +00:00
Andy Polyakov
fbe2e28911
AES-NI backport from HEAD. Note that e_aes.c doesn't implement all modes
...
from HEAD yet, more will be back-ported later.
2011-06-28 14:49:35 +00:00
Andy Polyakov
84968e25f3
x86[_64] assembler pack: back-port SHA1 and RC4 from HEAD.
2011-06-28 13:53:50 +00:00
Andy Polyakov
10fd0b7b55
x86[_64]cpuid.pl: harmonize OPENSSL_ia32_cpuid [from HEAD].
2011-06-28 13:40:19 +00:00
Andy Polyakov
4a46dc6e5c
x86[_64] perlasm: pull-in from HEAD.
2011-06-28 13:33:47 +00:00
Andy Polyakov
0ec55604c0
Expand OPENSSL_ia32cap_P to 64 bits. It might appear controversial, because
...
such operation can be considered as breaking binary compatibility. However!
OPNESSL_ia32cap_P is accessed by application through pointer returned by
OPENSSL_ia32cap_loc() and such change of *internal* OPENSSL_ia32cap_P
declaration is possible specifically on little-endian platforms, such as
x86[_64] ones in question. In addition, if 32-bit application calls
OPENSSL_ia32cap_loc(), it clears upper half of capability vector maintaining
the illusion that it's still 32 bits wide.
2011-06-28 13:31:58 +00:00
Dr. Stephen Henson
500007c9ed
auto detect configuration using KERNEL_BITS and CC
2011-06-27 11:39:01 +00:00
Dr. Stephen Henson
f75abba013
allow KERNEL_BITS to be specified in the environment
2011-06-24 14:04:18 +00:00
Dr. Stephen Henson
dea113b428
PR: 2470
...
Submitted by: Corinna Vinschen <vinschen@redhat.com>
Reviewed by: steve
Don't call ERR_remove_state from DllMain.
2011-06-22 15:38:40 +00:00
Dr. Stephen Henson
6abc406a69
PR: 2543
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Correctly handle errors in DTLSv1_handle_timeout()
2011-06-22 15:30:04 +00:00
Dr. Stephen Henson
dcbe723bc5
PR: 2540
...
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve
Prevent infinite loop in BN_GF2m_mod_inv().
2011-06-22 15:23:40 +00:00
Dr. Stephen Henson
33c98a28ac
correctly encode OIDs near 2^32
2011-06-22 15:15:48 +00:00
Dr. Stephen Henson
b2ddddfb20
allow MD5 use for computing old format hash links
2011-06-22 02:18:06 +00:00
Dr. Stephen Henson
c24367ebb9
Don't set FIPS rand method at same time as RAND method as this can cause
...
the FIPS library to fail. Applications that want to set the FIPS rand
method can do so explicitly and presumably they know what they are doing...
2011-06-21 17:08:25 +00:00
Dr. Stephen Henson
7397b35379
Add FIPS error codes.
2011-06-21 16:58:10 +00:00
Dr. Stephen Henson
baee44c3de
Stop warning.
2011-06-21 16:42:15 +00:00
Dr. Stephen Henson
1f2e4ecc30
Rename all AES_set*() functions using private_ prefix.
2011-06-21 16:23:42 +00:00
Dr. Stephen Henson
955e28006d
make EVP_dss() work for DSA signing
2011-06-20 20:05:13 +00:00
Dr. Stephen Henson
bf0736eb1f
Redirect null cipher to FIPS module.
2011-06-20 20:00:10 +00:00
Dr. Stephen Henson
3a5b97b7f1
Don't set default public key methods in FIPS mode so applications
...
can switch between modes.
2011-06-20 19:41:13 +00:00
Dr. Stephen Henson
45bf825066
Set FIPSLINK correctly now trailing slash is removed from FIPSDIR.
2011-06-18 19:35:03 +00:00
Dr. Stephen Henson
4a18d5c89b
Don't add trailing slash to FIPSDIR: it causes problems with Windows builds.
2011-06-18 19:02:12 +00:00
Dr. Stephen Henson
174b26c497
Preliminary WIN32 support for FIPS capable OpenSSL building.
2011-06-17 12:50:40 +00:00
Bodo Möller
5cacc82f61
Fix the version history: given that 1.0.1 has yet to be released,
...
we should list "Changes between 1.0.0e and 1.0.1",
not "between 1.0.0d and 1.0.1".
2011-06-15 14:23:44 +00:00
Dr. Stephen Henson
29a90816ff
Update key sizes to 2048 bits.
...
Only build ssltest with fipsld.
Include FIPS mode test for ssltest.
2011-06-14 15:35:49 +00:00
Dr. Stephen Henson
4bea454021
set FIPS allow before initialising ctx
2011-06-14 15:25:41 +00:00