Commit graph

9809 commits

Author SHA1 Message Date
Richard Levitte
b2fdf501c5 file vms_rms.h was added on branch OpenSSL_1_0_1-stable on 2011-03-19 09:47:25 +0000 2011-03-19 09:44:30 +00:00
Richard Levitte
345e515735 file install-crypto.com was added on branch OpenSSL_1_0_1-stable on 2011-03-19 09:47:25 +0000 2011-03-19 09:44:29 +00:00
Richard Levitte
945982b0b2 file vms_decc_init.c was added on branch OpenSSL_1_0_1-stable on 2011-03-19 09:47:21 +0000 2011-03-19 09:44:27 +00:00
Richard Levitte
18ad9cbd10 file install-apps.com was added on branch OpenSSL_1_0_1-stable on 2011-03-19 09:47:21 +0000 2011-03-19 09:44:26 +00:00
Richard Levitte
f433a75569 file openssl_undo.com was added on branch OpenSSL_1_0_1-stable on 2011-03-19 09:47:19 +0000 2011-03-19 09:44:25 +00:00
Richard Levitte
b05389c825 file openssl_startup.com was added on branch OpenSSL_1_0_1-stable on 2011-03-19 09:47:19 +0000 2011-03-19 09:44:24 +00:00
Richard Levitte
68875fdf32 file install-vms.com was added on branch OpenSSL_1_0_1-stable on 2011-03-19 09:47:19 +0000 2011-03-19 09:44:23 +00:00
Dr. Stephen Henson
3393e0c02c Fix SRP error codes (from HEAD). 2011-03-16 16:55:12 +00:00
Ben Laurie
a149b2466e Add SRP. 2011-03-16 11:26:40 +00:00
Dr. Stephen Henson
13e230d505 PR: 2469
Submitted by: Jim Studt <jim@studt.net>
Reviewed by: steve

Check mac is present before trying to retrieve mac iteration count.
2011-03-13 18:20:23 +00:00
Dr. Stephen Henson
80b3d7a3c9 Remove redundant check to stop compiler warning. 2011-03-12 17:05:58 +00:00
Ben Laurie
4bd48de60c Fix warning. 2011-03-12 12:18:34 +00:00
Dr. Stephen Henson
2eab92f8e3 make no-dsa work again 2011-03-10 18:27:13 +00:00
Andy Polyakov
2bbd82cf24 s390x-mont.pl: optimize for z196. 2011-03-04 13:13:04 +00:00
Andy Polyakov
1bfd3d7f58 dso_dlfcn.c: make it work on Tru64 4.0 [from HEAD]. 2011-02-12 16:47:12 +00:00
Bodo Möller
cd77b3e88b Sync with 1.0.0 branch.
(CVE-2011-0014 OCSP stapling fix has been applied to the 1.0.1 branch as well.)
2011-02-08 19:08:32 +00:00
Bodo Möller
8c93c4dd42 OCSP stapling fix (OpenSSL 0.9.8r/1.0.0d)
Submitted by: Neel Mehta, Adam Langley, Bodo Moeller
2011-02-08 17:48:41 +00:00
Bodo Möller
45d63a5408 Synchronize with 1.0.0 branch 2011-02-08 08:48:34 +00:00
Dr. Stephen Henson
decef971f4 add -stripcr option to copy.pl from 0.9.8 2011-02-03 14:58:02 +00:00
Bodo Möller
a288aaefc4 Assorted bugfixes:
- safestack macro changes for C++ were incomplete
- RLE decompression boundary case
- SSL 2.0 key arg length check

Submitted by: Google (Adam Langley, Neel Mehta, Bodo Moeller)
2011-02-03 12:03:57 +00:00
Bodo Möller
eed56c77b4 fix omission 2011-02-03 11:19:52 +00:00
Bodo Möller
346601bc32 CVE-2010-4180 fix (from OpenSSL_1_0_0-stable) 2011-02-03 10:42:00 +00:00
Dr. Stephen Henson
5080fbbef0 Since FIPS 186-3 specifies we use the leftmost bits of the digest
we shouldn't reject digest lengths larger than SHA256: the FIPS
algorithm tests include SHA384 and SHA512 tests.
2011-02-01 12:53:47 +00:00
Dr. Stephen Henson
b5b724348d stop warnings about no previous prototype when compiling shared engines 2011-01-30 01:55:29 +00:00
Dr. Stephen Henson
c3ee90d8ca FIPS mode changes to make RNG compile (this will need updating later as we
need a whole new PRNG for FIPS).

1. avoid use of ERR_peek().

2. If compiling with FIPS use small FIPS EVP and disable ENGINE
2011-01-26 14:55:23 +00:00
Dr. Stephen Henson
e1435034ae FIPS_allow_md5() no longer exists and is no longer required 2011-01-26 12:25:51 +00:00
Richard Levitte
bf35c5dc7f Add rsa_crpt 2011-01-26 06:32:22 +00:00
Dr. Stephen Henson
c42d223ac2 Move RSA encryption functions to new file crypto/rsa/rsa_crpt.c to separate
crypto and ENGINE dependencies in RSA library.
2011-01-25 17:43:20 +00:00
Dr. Stephen Henson
d5654d2b20 Move BN_options function to bn_print.c to remove dependency for BIO printf
routines from bn_lib.c
2011-01-25 17:10:42 +00:00
Dr. Stephen Henson
a7508fec1a Move DSA_sign, DSA_verify to dsa_asn1.c and include separate versions of
DSA_SIG_new() and DSA_SIG_free() to remove ASN1 dependencies from DSA_do_sign()
and DSA_do_verify().
2011-01-25 16:55:27 +00:00
Dr. Stephen Henson
c31945e682 recalculate DSA signature if r or s is zero (FIPS 186-3 requirement) 2011-01-25 16:02:27 +00:00
Dr. Stephen Henson
d3203b931e PR: 2433
Submitted by: Chris Wilson <chris@qwirx.com>
Reviewed by: steve

Constify ASN1_STRING_set_default_mask_asc().
2011-01-24 16:20:05 +00:00
Dr. Stephen Henson
947f4e90c3 New function EC_KEY_set_affine_coordinates() this performs all the
NIST PKV tests.
2011-01-24 16:09:57 +00:00
Dr. Stephen Henson
d184c7b271 check EC public key isn't point at infinity 2011-01-24 15:07:47 +00:00
Dr. Stephen Henson
913488c066 PR: 1612
Submitted by: Robert Jackson <robert@rjsweb.net>
Reviewed by: steve

Fix EC_POINT_cmp function for case where b but not a is the point at infinity.
2011-01-24 14:41:49 +00:00
Dr. Stephen Henson
7fa27d9ac6 Add additional parameter to dsa_builtin_paramgen to output the generated
seed to: this doesn't introduce any binary compatibility issues as the
function is only used internally.

The seed output is needed for FIPS 140-2 algorithm testing: the functionality
used to be in DSA_generate_parameters_ex() but was removed in OpenSSL 1.0.0
2011-01-19 14:46:42 +00:00
Dr. Stephen Henson
c341b9cce5 add va_list version of ERR_add_error_data 2011-01-14 15:13:59 +00:00
Dr. Stephen Henson
bbbf0d45ba stop warning with no-engine 2011-01-13 15:42:47 +00:00
Richard Levitte
114c402d9e PR: 2425
Synchronise VMS build with Unixly build.
2011-01-10 20:55:27 +00:00
Dr. Stephen Henson
d51519eba4 add buf_str.c file 2011-01-09 13:30:58 +00:00
Dr. Stephen Henson
e650f9988b move some string utilities to buf_str.c to reduce some dependencies (from 0.9.8 branch). 2011-01-09 13:30:34 +00:00
Dr. Stephen Henson
8ed8454115 add X9.31 prime generation routines from 0.9.8 branch 2011-01-09 13:22:47 +00:00
Richard Levitte
6e101bebb1 PR: 2407
Fix fault include.
Submitted by Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>
2011-01-06 20:56:04 +00:00
Dr. Stephen Henson
4577b38d22 Don't use decryption_failed alert for TLS v1.1 or later. 2011-01-04 19:39:42 +00:00
Dr. Stephen Henson
a8515e2d28 Since DTLS 1.0 is based on TLS 1.1 we should never return a decryption_failed
alert.
2011-01-04 19:33:30 +00:00
Dr. Stephen Henson
964e91052e oops missed an assert 2011-01-03 12:52:11 +00:00
Dr. Stephen Henson
4e55e69bff PR: 2411
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Fix corner cases in RFC3779 code.
2011-01-03 01:40:45 +00:00
Dr. Stephen Henson
e501dbb658 Fix escaping code for string printing. If *any* escaping is enabled we
must escape the escape character itself (backslash).
2011-01-03 01:30:58 +00:00
Dr. Stephen Henson
20e505e4b7 PR: 2410
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Use OPENSSL_assert() instead of assert().
2011-01-03 01:22:27 +00:00
Dr. Stephen Henson
291a26e6e3 PR: 2413
Submitted by: Michael Bergandi <mbergandi@gmail.com>
Reviewed by: steve

Fix typo in crypto/bio/bss_dgram.c
2011-01-03 01:07:20 +00:00