Commit graph

5354 commits

Author SHA1 Message Date
Andy Polyakov
4afba1f3d9 Mafiles updates to accomodate assembler update from HEAD. 2011-11-14 20:42:22 +00:00
Dr. Stephen Henson
5999d45a5d DH keys have an (until now) unused 'q' parameter. When creating from DSA copy
q across and if q present generate DH key in the correct range. (from HEAD)
2011-11-14 14:16:09 +00:00
Dr. Stephen Henson
f69e5d6a19 Call OPENSSL_init after we've checked to see if customisation is permissible. 2011-11-14 14:15:29 +00:00
Ben Laurie
3517637702 Ignorance. 2011-11-14 02:42:26 +00:00
Ben Laurie
4c02cf8ecc make depend. 2011-11-13 20:23:34 +00:00
Andy Polyakov
6471ec71aa x86cpuid.pl: compensate for imaginary virtual machines [from HEAD].
PR: 2633
2011-11-08 21:28:14 +00:00
Andy Polyakov
cb45708061 x86cpuid.pl: don't punish "last-year" OSes on "this-year" CPUs.
PR: 2633
2011-11-05 10:44:25 +00:00
Andy Polyakov
02597f2885 ppc.pl: fix bug in bn_mul_comba4 [from HEAD].
PR: 2636
Submitted by: Charles Bryant
2011-11-05 10:16:30 +00:00
Richard Levitte
8c6a514edf Add missing algorithms to disable, and in particular, disable
EC_NISTP_64_GCC_128 by default, as GCC isn't currently supported on
VMS.  Add CMAC to the modules to build, and synchronise with Unix.
2011-10-30 11:45:30 +00:00
Dr. Stephen Henson
a8d72c79db PR: 2632
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve

Return -1 immediately if not affine coordinates as BN_CTX has not been
set up.
2011-10-26 16:43:23 +00:00
Dr. Stephen Henson
03f84c8260 Update error codes for FIPS.
Add support for authentication in FIPS_mode_set().
2011-10-21 13:04:27 +00:00
Bodo Möller
67f8de9ab8 "make update" 2011-10-19 15:24:44 +00:00
Bodo Möller
2d95ceedc5 BN_BLINDING multi-threading fix.
Submitted by: Emilia Kasper (Google)
2011-10-19 14:58:59 +00:00
Bodo Möller
3d520f7c2d Fix warnings.
Also, use the common Configure mechanism for enabling/disabling the 64-bit ECC code.
2011-10-19 08:58:35 +00:00
Bodo Möller
9c37519b55 Improve optional 64-bit NIST-P224 implementation, and add NIST-P256 and
NIST-P521. (Now -DEC_NISTP_64_GCC_128 enables all three of these;
-DEC_NISTP224_64_GCC_128 no longer works.)

Submitted by: Google Inc.
2011-10-18 19:43:54 +00:00
Andy Polyakov
a99ce1f5b1 e_aes.c: fix bug in aesni_gcm_tls_cipher [in HEAD]. 2011-10-14 09:34:14 +00:00
Andy Polyakov
42660b3cf1 aesni-x86[_64].pl: pull from HEAD. 2011-10-14 09:21:03 +00:00
Bodo Möller
93ff4c69f7 Make CTR mode behaviour consistent with other modes:
clear ctx->num in EVP_CipherInit_ex

Submitted by: Emilia Kasper
2011-10-13 13:42:29 +00:00
Dr. Stephen Henson
6841abe842 update pkey method initialisation and copy 2011-10-11 18:16:02 +00:00
Dr. Stephen Henson
cb70355d87 Backport ossl_ssize_t type from HEAD. 2011-10-10 22:33:50 +00:00
Dr. Stephen Henson
b17442bb04 def_rsa_finish not used anymore. 2011-10-10 20:34:17 +00:00
Dr. Stephen Henson
4874e235fb fix leak properly this time... 2011-10-10 14:09:05 +00:00
Dr. Stephen Henson
9309ea6617 Backport PSS signature support from HEAD. 2011-10-09 23:13:50 +00:00
Dr. Stephen Henson
88bac3e664 fix memory leaks 2011-10-09 23:09:22 +00:00
Dr. Stephen Henson
5473b6bc2f Fix memory leak. From HEAD. 2011-10-09 16:04:17 +00:00
Dr. Stephen Henson
dc100d87b5 Backport of password based CMS support from HEAD. 2011-10-09 15:28:02 +00:00
Dr. Stephen Henson
6f6b31dadc PR: 2482
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann.
2011-10-09 00:56:43 +00:00
Dr. Stephen Henson
177f27d71e ? crypto/aes/aes-armv4.S
? crypto/aes/aesni-sha1-x86_64.s
? crypto/aes/aesni-x86_64.s
? crypto/aes/foo.pl
? crypto/aes/vpaes-x86_64.s
? crypto/bn/.bn_lib.c.swp
? crypto/bn/armv4-gf2m.S
? crypto/bn/diffs
? crypto/bn/modexp512-x86_64.s
? crypto/bn/x86_64-gf2m.s
? crypto/bn/x86_64-mont5.s
? crypto/ec/bc.txt
? crypto/ec/diffs
? crypto/modes/a.out
? crypto/modes/diffs
? crypto/modes/ghash-armv4.S
? crypto/modes/ghash-x86_64.s
? crypto/modes/op.h
? crypto/modes/tst.c
? crypto/modes/x.h
? crypto/objects/.obj_xref.txt.swp
? crypto/rand/diffs
? crypto/sha/sha-512
? crypto/sha/sha1-armv4-large.S
? crypto/sha/sha256-armv4.S
? crypto/sha/sha512-armv4.S
Index: crypto/objects/obj_xref.c
===================================================================
RCS file: /v/openssl/cvs/openssl/crypto/objects/obj_xref.c,v
retrieving revision 1.9
diff -u -r1.9 obj_xref.c
--- crypto/objects/obj_xref.c	5 Nov 2008 18:38:58 -0000	1.9
+++ crypto/objects/obj_xref.c	6 Oct 2011 20:30:21 -0000
@@ -110,8 +110,10 @@
 #endif
 	if (rv == NULL)
 		return 0;
-	*pdig_nid = rv->hash_id;
-	*ppkey_nid = rv->pkey_id;
+	if (pdig_nid)
+		*pdig_nid = rv->hash_id;
+	if (ppkey_nid)
+		*ppkey_nid = rv->pkey_id;
 	return 1;
 	}

@@ -144,7 +146,8 @@
 #endif
 	if (rv == NULL)
 		return 0;
-	*psignid = (*rv)->sign_id;
+	if (psignid)
+		*psignid = (*rv)->sign_id;
 	return 1;
 	}

Index: crypto/x509/x509type.c
===================================================================
RCS file: /v/openssl/cvs/openssl/crypto/x509/x509type.c,v
retrieving revision 1.10
diff -u -r1.10 x509type.c
--- crypto/x509/x509type.c	26 Oct 2007 12:06:33 -0000	1.10
+++ crypto/x509/x509type.c	6 Oct 2011 20:36:04 -0000
@@ -100,20 +100,26 @@
 		break;
 		}

-	i=X509_get_signature_type(x);
-	switch (i)
+	i=OBJ_obj2nid(x->sig_alg->algorithm);
+	if (i && OBJ_find_sigid_algs(i, NULL, &i))
 		{
-	case EVP_PKEY_RSA:
-		ret|=EVP_PKS_RSA;
-		break;
-	case EVP_PKEY_DSA:
-		ret|=EVP_PKS_DSA;
-		break;
-	case EVP_PKEY_EC:
-		ret|=EVP_PKS_EC;
-		break;
-	default:
-		break;
+
+		switch (i)
+			{
+		case NID_rsaEncryption:
+		case NID_rsa:
+			ret|=EVP_PKS_RSA;
+			break;
+		case NID_dsa:
+		case NID_dsa_2:
+			ret|=EVP_PKS_DSA;
+			break;
+		case NID_X9_62_id_ecPublicKey:
+			ret|=EVP_PKS_EC;
+			break;
+		default:
+			break;
+			}
 		}

 	if (EVP_PKEY_size(pk) <= 1024/8)/* /8 because it's 1024 bits we look
2011-10-06 20:45:08 +00:00
Dr. Stephen Henson
e8f31f80d1 PR: 2606
Submitted by: Christoph Viethen <cv@kawo2.rwth-aachen.de>
Reviewed by: steve

Handle timezones correctly in UTCTime.
2011-09-23 13:39:35 +00:00
Dr. Stephen Henson
e34a303ce1 make depend 2011-09-16 23:15:22 +00:00
Dr. Stephen Henson
36f120cd20 Improved error checking for DRBG calls.
New functionality to allow default DRBG type to be set during compilation or during runtime.
2011-09-16 23:12:34 +00:00
Dr. Stephen Henson
0ae7c43fa5 Improved error checking for DRBG calls.
New functionality to allow default DRBG type to be set during compilation
or during runtime.
2011-09-16 23:08:57 +00:00
Dr. Stephen Henson
c0d2943952 Typo. 2011-09-16 23:04:07 +00:00
Dr. Stephen Henson
7d453a3b49 Fix warnings (from HEAD). 2011-09-10 21:18:37 +00:00
Dr. Stephen Henson
cd447875e6 Initialise X509_STORE_CTX properly so CRLs with nextUpdate date in the past
produce an error (CVE-2011-3207)
2011-09-06 15:14:41 +00:00
Bodo Möller
7f1022a8b1 Fix memory leak on bad inputs. 2011-09-05 09:57:15 +00:00
Bodo Möller
edf6b025b1 make update 2011-09-05 09:44:54 +00:00
Bodo Möller
9e96812934 Fix error codes. 2011-09-05 09:42:55 +00:00
Dr. Stephen Henson
91e97cbe4c Don't use *from++ in tolower as this is implemented as a macro on some
platforms. Thanks to Shayne Murray <Shayne.Murray@Polycom.com> for
reporting this issue.
2011-09-02 11:28:18 +00:00
Dr. Stephen Henson
63ee3b32fe PR: 2576
Submitted by: Doug Goldstein <cardoe@gentoo.org>
Reviewed by: steve

Include header file stdlib.h which is needed on some platforms to get
getenv() declaration.
2011-09-02 11:20:32 +00:00
Dr. Stephen Henson
4ff1a2da10 PR: 2340
Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar>
Reviewed by: steve

Stop warnings if OPENSSL_NO_DGRAM is defined.
2011-09-01 15:01:55 +00:00
Dr. Stephen Henson
4c3c975066 make timing attack protection unconditional 2011-09-01 14:23:22 +00:00
Dr. Stephen Henson
be0853358c PR: 2589
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Initialise p pointer.
2011-09-01 13:52:38 +00:00
Dr. Stephen Henson
fea15b553d PR: 2588
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Close file pointer.
2011-09-01 13:49:08 +00:00
Andy Polyakov
84e7485bfb Add RC4-MD5 and AESNI-SHA1 "stitched" implementations [from HEAD]. 2011-08-23 20:53:34 +00:00
Andy Polyakov
f56f72f219 eng_rsax.c: improve portability [from HEAD]. 2011-08-22 19:01:41 +00:00
Andy Polyakov
2bfb23f102 modexp512-x86_64.pl: make it work with ml64 [from HEAD]. 2011-08-19 06:31:27 +00:00
Dr. Stephen Henson
cf199fec52 Remove hard coded ecdsaWithSHA1 hack in ssl routines and check for RSA
using OBJ xref utilities instead of string comparison with OID name.

This removes the arbitrary restriction on using SHA1 only with some ECC
ciphersuites.
2011-08-14 13:47:30 +00:00
Andy Polyakov
165c20c2c4 eng_rsax.c: make it work on Win64. 2011-08-14 08:38:04 +00:00
Andy Polyakov
625c6ba4c7 eng_rdrand.c: make it link in './config 386' case [from HEAD]. 2011-08-14 08:31:14 +00:00
Andy Polyakov
a32bede701 x86_64-xlate.pl: fix movzw [from HEAD]. 2011-08-12 21:25:23 +00:00
Andy Polyakov
8ff5c8874f Alpha assembler fixed from HEAD.
PR: 2577
2011-08-12 12:31:08 +00:00
Dr. Stephen Henson
c5d38fc262 aesni TLS GCM support 2011-08-11 23:06:37 +00:00
Dr. Stephen Henson
6b71970520 Sync EVP AES modes from HEAD. 2011-08-11 22:52:06 +00:00
Dr. Stephen Henson
0209e111f6 Add XTS OIDs from HEAD. 2011-08-11 22:51:37 +00:00
Dr. Stephen Henson
dc01af7723 Sync ASM/modes to add CCM and XTS modes and assembly language optimisation
(from HEAD, original by Andy).
2011-08-11 22:36:19 +00:00
Dr. Stephen Henson
5435d0412f prevent compilation errors and warnings 2011-08-11 21:12:01 +00:00
Andy Polyakov
922ac25f64 Add provisory support for RDRAND [from HEAD]. 2011-08-10 18:53:13 +00:00
Dr. Stephen Henson
61cdb9f36a Backport GCM support from HEAD. Minimal support at present: no assembly
language optimisation. [original by Andy]
2011-08-04 11:12:38 +00:00
Dr. Stephen Henson
1acd042c85 fix memory leak 2011-08-03 16:40:14 +00:00
Dr. Stephen Henson
572712d82a recognise ecdsaWithSHA1 OID 2011-07-28 14:42:53 +00:00
Dr. Stephen Henson
d1697a7556 Disable rsax for Windows: it doesn't currently work. 2011-07-25 23:45:49 +00:00
Andy Polyakov
90f3e4cf05 Back-port TLS AEAD framework [from HEAD]. 2011-07-21 19:22:57 +00:00
Dr. Stephen Henson
7bd8bf58bb stop warnings 2011-07-21 13:45:17 +00:00
Andy Polyakov
1190d3f442 Add RSAX builtin engine [from HEAD]. 2011-07-20 21:51:33 +00:00
Dr. Stephen Henson
0e4f5cfbab PR: 2559
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS socket error bug
2011-07-20 15:22:02 +00:00
Dr. Stephen Henson
2305ae5d8c PR: 2556 (partial)
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de>
Reviewed by: steve

Fix OID routines.

Check on encoding leading zero rejection should start at beginning of
encoding.

Allow for initial digit when testing when to use BIGNUMs which can increase
first value by 2 * 40.
2011-07-14 12:01:36 +00:00
Andy Polyakov
2a5e042c70 perlasm/cbc.pl: fix tail processing bug [from HEAD].
PR: 2557
2011-07-13 06:22:46 +00:00
Andy Polyakov
a460c42f94 x86_64-xlate.pl: update from HEAD. 2011-07-04 13:11:55 +00:00
Andy Polyakov
d16743e728 sha1-x86_64.pl: nasm-related update from HEAD. 2011-07-04 13:01:42 +00:00
Andy Polyakov
4a29fa8caf sha1-x86_64.pl: fix win64-specific typos and add masm support [from HEAD]. 2011-07-01 21:24:39 +00:00
Andy Polyakov
250bb54dba x86_64-xlate.pl: masm-specific update. 2011-07-01 21:22:13 +00:00
Dr. Stephen Henson
8315aa03fc Fix assembly language function renaming so it works on WIN64. 2011-07-01 14:13:52 +00:00
Andy Polyakov
9a35faaa29 rc4-x86[_64].pl: back-sync with original 1.0.1. 2011-06-28 15:04:31 +00:00
Andy Polyakov
fbe2e28911 AES-NI backport from HEAD. Note that e_aes.c doesn't implement all modes
from HEAD yet, more will be back-ported later.
2011-06-28 14:49:35 +00:00
Andy Polyakov
84968e25f3 x86[_64] assembler pack: back-port SHA1 and RC4 from HEAD. 2011-06-28 13:53:50 +00:00
Andy Polyakov
10fd0b7b55 x86[_64]cpuid.pl: harmonize OPENSSL_ia32_cpuid [from HEAD]. 2011-06-28 13:40:19 +00:00
Andy Polyakov
4a46dc6e5c x86[_64] perlasm: pull-in from HEAD. 2011-06-28 13:33:47 +00:00
Andy Polyakov
0ec55604c0 Expand OPENSSL_ia32cap_P to 64 bits. It might appear controversial, because
such operation can be considered as breaking binary compatibility. However!
OPNESSL_ia32cap_P is accessed by application through pointer returned by
OPENSSL_ia32cap_loc() and such change of *internal* OPENSSL_ia32cap_P
declaration is possible specifically on little-endian platforms, such as
x86[_64] ones in question. In addition, if 32-bit application calls
OPENSSL_ia32cap_loc(), it clears upper half of capability vector maintaining
the illusion that it's still 32 bits wide.
2011-06-28 13:31:58 +00:00
Dr. Stephen Henson
dea113b428 PR: 2470
Submitted by: Corinna Vinschen <vinschen@redhat.com>
Reviewed by: steve

Don't call ERR_remove_state from DllMain.
2011-06-22 15:38:40 +00:00
Dr. Stephen Henson
dcbe723bc5 PR: 2540
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve

Prevent infinite loop in BN_GF2m_mod_inv().
2011-06-22 15:23:40 +00:00
Dr. Stephen Henson
33c98a28ac correctly encode OIDs near 2^32 2011-06-22 15:15:48 +00:00
Dr. Stephen Henson
b2ddddfb20 allow MD5 use for computing old format hash links 2011-06-22 02:18:06 +00:00
Dr. Stephen Henson
c24367ebb9 Don't set FIPS rand method at same time as RAND method as this can cause
the FIPS library to fail. Applications that want to set the FIPS rand
method can do so explicitly and presumably they know what they are doing...
2011-06-21 17:08:25 +00:00
Dr. Stephen Henson
7397b35379 Add FIPS error codes. 2011-06-21 16:58:10 +00:00
Dr. Stephen Henson
1f2e4ecc30 Rename all AES_set*() functions using private_ prefix. 2011-06-21 16:23:42 +00:00
Dr. Stephen Henson
955e28006d make EVP_dss() work for DSA signing 2011-06-20 20:05:13 +00:00
Dr. Stephen Henson
bf0736eb1f Redirect null cipher to FIPS module. 2011-06-20 20:00:10 +00:00
Dr. Stephen Henson
3a5b97b7f1 Don't set default public key methods in FIPS mode so applications
can switch between modes.
2011-06-20 19:41:13 +00:00
Dr. Stephen Henson
ed1bbe2cad make sure custom cipher flag doesn't use any mode bits 2011-06-13 23:10:34 +00:00
Dr. Stephen Henson
b0b3d09063 Set rand method in FIPS_mode_set() not in rand library. 2011-06-13 21:18:00 +00:00
Dr. Stephen Henson
0ede2af7a0 Redirect RAND to FIPS module in FIPS mode. 2011-06-13 20:40:52 +00:00
Dr. Stephen Henson
e8d23f7811 Redirect HMAC and CMAC operations to module. 2011-06-12 15:07:26 +00:00
Dr. Stephen Henson
7c402e5af3 Disable GCM, CCM, XTS outside FIPS mode this will be updated
when backported.
2011-06-10 14:22:42 +00:00
Dr. Stephen Henson
4276908f51 add android support to DSO (from HEAD) 2011-06-09 21:49:24 +00:00
Ben Laurie
f851acbfff Fix warnings/errors(!). 2011-06-09 17:09:08 +00:00
Ben Laurie
78ef9b0205 Fix warnings. 2011-06-09 16:03:18 +00:00
Dr. Stephen Henson
ed9b0e5cba Redirect DH key and parameter generation. 2011-06-09 15:21:46 +00:00
Dr. Stephen Henson
752c1a0ce9 Redirect DSA operations to FIPS module in FIPS mode. 2011-06-09 13:54:09 +00:00
Dr. Stephen Henson
cc30415d0c Use method rsa keygen first if FIPS mode if it is a FIPS method. 2011-06-09 13:18:07 +00:00
Dr. Stephen Henson
03e16611a3 Redirect DH operations to FIPS module. Block non-FIPS methods.
Sync DH error codes with HEAD.
2011-06-08 15:58:59 +00:00
Dr. Stephen Henson
b6d63b2516 Check fips method flags for ECDH, ECDSA. 2011-06-08 14:01:00 +00:00
Dr. Stephen Henson
e6b88d02bd Implement Camellia_set_key properly for FIPS builds. 2011-06-08 13:11:46 +00:00
Andy Polyakov
125060ca63 rc4_skey.c: remove dead/redundant code (it's never compiled) and
misleading/obsolete comment [from HEAD].
2011-06-06 20:04:33 +00:00
Dr. Stephen Henson
6342b6e332 Redirection of ECDSA, ECDH operations to FIPS module.
Also use FIPS EC methods unconditionally for now: might want to use them
only in FIPS mode or with a switch later.
2011-06-06 15:39:17 +00:00
Dr. Stephen Henson
59bc67052b Add flags field to EC_KEY structure (backport from HEAD). 2011-06-06 13:18:03 +00:00
Dr. Stephen Henson
c090562828 Make no-ec2m work again (backport from HEAD). 2011-06-06 13:00:30 +00:00
Dr. Stephen Henson
69e2ec63c5 Reorganise ECC code so it can use FIPS module.
Move compression, point2oct and oct2point functions into separate files.

Add a flags field to EC_METHOD.

Add a flag EC_FLAGS_DEFAULT_OCT to use the default compession and oct functions
(all existing methods do this). This removes dependencies from EC_METHOD while
keeping original functionality.

Backport from HEAD with minor changes.
2011-06-06 12:54:51 +00:00
Dr. Stephen Henson
f610a516a0 Backport from HEAD:
New option to disable characteristic two fields in EC code.

Make no-ec2m work on Win32 build.
2011-06-06 11:49:36 +00:00
Dr. Stephen Henson
2e51a4caa3 Function not used outside FIPS builds. 2011-06-06 11:24:47 +00:00
Dr. Stephen Henson
c6fa97a6d6 FIPS low level blocking for AES, RC4 and Camellia. This is complicated by
use of assembly language routines: rename the assembly language function
to the private_* variant unconditionally and perform tests from a small
C wrapper.
2011-06-05 17:36:44 +00:00
Dr. Stephen Henson
24d7159abd Backport libcrypto audit: check return values of EVP functions instead
of assuming they will always suceed.
2011-06-03 20:53:00 +00:00
Dr. Stephen Henson
d99e6b5014 New function X509_ALGOR_set_md() to set X509_ALGOR (DigestAlgorithmIdentifier) from a digest algorithm (backport from HEAD). 2011-06-03 18:35:49 +00:00
Dr. Stephen Henson
2cf40fc2b8 license correction, no EAY code included in this file 2011-06-03 17:56:51 +00:00
Dr. Stephen Henson
260d08b814 Backport CMAC support from HEAD. 2011-06-03 15:08:42 +00:00
Dr. Stephen Henson
53dd05d8f6 Redirect RSA keygen, sign, verify to FIPS module. 2011-06-03 13:16:16 +00:00
Dr. Stephen Henson
fbe7055370 Redirection of low level APIs to FIPS module.
Digest sign, verify operations are not redirected at this stage.
2011-06-02 18:22:42 +00:00
Dr. Stephen Henson
a5b386205f Backport extended PSS support from HEAD: allow setting of mgf1Hash explicitly.
This is needed to handle FIPS redirection fully.
2011-06-02 18:13:33 +00:00
Dr. Stephen Henson
916bcab28e Prohibit low level cipher APIs in FIPS mode.
Not complete: ciphers with assembly language key setup are not
covered yet.
2011-06-01 16:54:06 +00:00
Dr. Stephen Henson
c7373c3dee For consistency define clone digests in evp_fips.c 2011-06-01 15:11:00 +00:00
Dr. Stephen Henson
9f2c8eb2a1 Redirect clone digests to FIPS module for FIPS builds. 2011-06-01 14:28:21 +00:00
Dr. Stephen Henson
65300dcfb0 Prohibit use of low level digest APIs in FIPS mode. 2011-06-01 13:39:45 +00:00
Dr. Stephen Henson
5792219d1d Redirect cipher operations to FIPS module for FIPS builds. 2011-05-29 16:18:38 +00:00
Dr. Stephen Henson
293c58c1e7 Use approved API for EVP digest operations in FIPS builds.
Call OPENSSL_init() in a few more places to make sure it is always called
at least once.

Initial cipher API redirection (incomplete).
2011-05-29 15:55:13 +00:00
Dr. Stephen Henson
9f375a752e Add default ASN1 handling to support FIPS. 2011-05-29 02:32:05 +00:00
Dr. Stephen Henson
04dc5a9ca6 Redirect digests to FIPS module for FIPS builds.
Use FIPS API when initialising digests.

Sync header file evp.h and error codes with HEAD for necessary FIPS
definitions.
2011-05-28 23:01:26 +00:00
Dr. Stephen Henson
ae6cb5483e Use || instead of && so build doesn't fail. 2011-05-26 22:10:28 +00:00
Dr. Stephen Henson
a168ec1d27 Support shared library builds of FIPS capable OpenSSL, add fipscanister.o
to libcrypto.a so linking to libcrypto.a works.
2011-05-26 21:23:11 +00:00
Dr. Stephen Henson
7207eca1ee The first of many changes to make OpenSSL 1.0.1 FIPS capable.
Add static build support to openssl utility.

Add new "fips" option to Configure.

Make use of installed fipsld and fips_standalone_sha1

Initialise FIPS error callbacks, locking and DRBG.

Doesn't do anything much yet: no crypto is redirected to the FIPS module.

Doesn't completely build either but the openssl utility can enter FIPS mode:
which doesn't do anything much either.
2011-05-26 14:19:19 +00:00
Dr. Stephen Henson
ed67f7b7a7 Fix the ECDSA timing attack mentioned in the paper at:
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
2011-05-25 14:52:33 +00:00
Dr. Stephen Henson
6ea8d138d3 Fix the ECDSA timing attack mentioned in the paper at:
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
2011-05-25 14:42:27 +00:00
Dr. Stephen Henson
419b09b053 PR: 2512
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix BIO_accept so it can be bound to IPv4 or IPv6 sockets consistently.
2011-05-25 12:36:59 +00:00
Richard Levitte
ab08405984 LIBOBJ contained o_fips.c, now o_fips.o. 2011-05-21 09:17:54 +00:00
Dr. Stephen Henson
f98d2e5cc1 Implement FIPS_mode and FIPS_mode_set 2011-05-19 18:19:07 +00:00
Dr. Stephen Henson
f4ddbb5ad1 inherit HMAC flags from MD_CTX 2011-05-19 17:38:57 +00:00
Dr. Stephen Henson
676cd3a283 new flag to stop ENGINE methods being registered 2011-05-15 15:58:38 +00:00
Dr. Stephen Henson
e24b01cc6f Have EC_NISTP224_64_GCC_128 treated like any algorithm, and have disabled by
default. If we don't do it this way, it screws up libeay.num.
(update from HEAD, original from levitte).
2011-05-12 13:10:27 +00:00
Dr. Stephen Henson
889c2282a5 allow SHA384, SHA512 with DSA 2011-05-08 12:38:51 +00:00
Dr. Stephen Henson
dca30c44f5 no need to include memory.h 2011-04-30 23:38:05 +00:00
Dr. Stephen Henson
f2c358c6ce check buffer is larger enough before overwriting 2011-04-06 18:06:54 +00:00
Richard Levitte
ecff2e5ce1 Corrections to the VMS build system.
Submitted by Steven M. Schweda <sms@antinode.info>
2011-03-25 16:21:08 +00:00
Dr. Stephen Henson
c9d630dab6 make some non-VMS builds work again 2011-03-25 15:07:18 +00:00
Richard Levitte
d135906dbc For VMS, implement the possibility to choose 64-bit pointers with
different options:
"64"		The build system will choose /POINTER_SIZE=64=ARGV if
		the compiler supports it, otherwise /POINTER_SIZE=64.
"64="		The build system will force /POINTER_SIZE=64.
"64=ARGV"	The build system will force /POINTER_SIZE=64=ARGV.
2011-03-25 09:39:46 +00:00
Richard Levitte
9f427a52cb make update (1.0.1-stable)
This meant a slight renumbering in util/libeay.num due to symbols
appearing in 1.0.0-stable.  However, since there's been no release on
this branch yet, it should be harmless.
2011-03-23 00:06:04 +00:00
Richard Levitte
9ed8dee71b A few more long symbols needing shortening. 2011-03-19 11:03:41 +00:00
Richard Levitte
4692b3345d Keep file references in the VMS build files in the same order as they
are in the Unix Makefiles, and add SRP tests.
2011-03-19 10:46:21 +00:00
Richard Levitte
e59fb00735 SRP was introduced, add it for OpenVMS. 2011-03-19 09:55:35 +00:00
Richard Levitte
9275853084 A few more symbols that need shorter versions on OpenVMS. 2011-03-19 09:54:47 +00:00
Richard Levitte
01d2e27a2b Apply all the changes submitted by Steven M. Schweda <sms@antinode.info> 2011-03-19 09:47:47 +00:00
Ben Laurie
a149b2466e Add SRP. 2011-03-16 11:26:40 +00:00
Andy Polyakov
2bbd82cf24 s390x-mont.pl: optimize for z196. 2011-03-04 13:13:04 +00:00
Andy Polyakov
1bfd3d7f58 dso_dlfcn.c: make it work on Tru64 4.0 [from HEAD]. 2011-02-12 16:47:12 +00:00
Bodo Möller
a288aaefc4 Assorted bugfixes:
- safestack macro changes for C++ were incomplete
- RLE decompression boundary case
- SSL 2.0 key arg length check

Submitted by: Google (Adam Langley, Neel Mehta, Bodo Moeller)
2011-02-03 12:03:57 +00:00
Dr. Stephen Henson
5080fbbef0 Since FIPS 186-3 specifies we use the leftmost bits of the digest
we shouldn't reject digest lengths larger than SHA256: the FIPS
algorithm tests include SHA384 and SHA512 tests.
2011-02-01 12:53:47 +00:00
Dr. Stephen Henson
b5b724348d stop warnings about no previous prototype when compiling shared engines 2011-01-30 01:55:29 +00:00
Dr. Stephen Henson
c3ee90d8ca FIPS mode changes to make RNG compile (this will need updating later as we
need a whole new PRNG for FIPS).

1. avoid use of ERR_peek().

2. If compiling with FIPS use small FIPS EVP and disable ENGINE
2011-01-26 14:55:23 +00:00
Richard Levitte
bf35c5dc7f Add rsa_crpt 2011-01-26 06:32:22 +00:00
Dr. Stephen Henson
c42d223ac2 Move RSA encryption functions to new file crypto/rsa/rsa_crpt.c to separate
crypto and ENGINE dependencies in RSA library.
2011-01-25 17:43:20 +00:00
Dr. Stephen Henson
d5654d2b20 Move BN_options function to bn_print.c to remove dependency for BIO printf
routines from bn_lib.c
2011-01-25 17:10:42 +00:00
Dr. Stephen Henson
a7508fec1a Move DSA_sign, DSA_verify to dsa_asn1.c and include separate versions of
DSA_SIG_new() and DSA_SIG_free() to remove ASN1 dependencies from DSA_do_sign()
and DSA_do_verify().
2011-01-25 16:55:27 +00:00
Dr. Stephen Henson
c31945e682 recalculate DSA signature if r or s is zero (FIPS 186-3 requirement) 2011-01-25 16:02:27 +00:00
Dr. Stephen Henson
d3203b931e PR: 2433
Submitted by: Chris Wilson <chris@qwirx.com>
Reviewed by: steve

Constify ASN1_STRING_set_default_mask_asc().
2011-01-24 16:20:05 +00:00
Dr. Stephen Henson
947f4e90c3 New function EC_KEY_set_affine_coordinates() this performs all the
NIST PKV tests.
2011-01-24 16:09:57 +00:00
Dr. Stephen Henson
d184c7b271 check EC public key isn't point at infinity 2011-01-24 15:07:47 +00:00
Dr. Stephen Henson
913488c066 PR: 1612
Submitted by: Robert Jackson <robert@rjsweb.net>
Reviewed by: steve

Fix EC_POINT_cmp function for case where b but not a is the point at infinity.
2011-01-24 14:41:49 +00:00
Dr. Stephen Henson
7fa27d9ac6 Add additional parameter to dsa_builtin_paramgen to output the generated
seed to: this doesn't introduce any binary compatibility issues as the
function is only used internally.

The seed output is needed for FIPS 140-2 algorithm testing: the functionality
used to be in DSA_generate_parameters_ex() but was removed in OpenSSL 1.0.0
2011-01-19 14:46:42 +00:00
Dr. Stephen Henson
c341b9cce5 add va_list version of ERR_add_error_data 2011-01-14 15:13:59 +00:00
Dr. Stephen Henson
bbbf0d45ba stop warning with no-engine 2011-01-13 15:42:47 +00:00
Richard Levitte
114c402d9e PR: 2425
Synchronise VMS build with Unixly build.
2011-01-10 20:55:27 +00:00
Dr. Stephen Henson
d51519eba4 add buf_str.c file 2011-01-09 13:30:58 +00:00
Dr. Stephen Henson
e650f9988b move some string utilities to buf_str.c to reduce some dependencies (from 0.9.8 branch). 2011-01-09 13:30:34 +00:00
Dr. Stephen Henson
8ed8454115 add X9.31 prime generation routines from 0.9.8 branch 2011-01-09 13:22:47 +00:00
Dr. Stephen Henson
964e91052e oops missed an assert 2011-01-03 12:52:11 +00:00
Dr. Stephen Henson
4e55e69bff PR: 2411
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Fix corner cases in RFC3779 code.
2011-01-03 01:40:45 +00:00
Dr. Stephen Henson
e501dbb658 Fix escaping code for string printing. If *any* escaping is enabled we
must escape the escape character itself (backslash).
2011-01-03 01:30:58 +00:00
Dr. Stephen Henson
20e505e4b7 PR: 2410
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Use OPENSSL_assert() instead of assert().
2011-01-03 01:22:27 +00:00
Dr. Stephen Henson
291a26e6e3 PR: 2413
Submitted by: Michael Bergandi <mbergandi@gmail.com>
Reviewed by: steve

Fix typo in crypto/bio/bss_dgram.c
2011-01-03 01:07:20 +00:00
Dr. Stephen Henson
0383911887 PR: 2416
Submitted by: Mark Phalan <mark.phalan@oracle.com>
Reviewed by: steve

Use L suffix in version number.
2011-01-03 00:26:21 +00:00
Richard Levitte
90d02be7c5 First attempt at adding the possibility to set the pointer size for the builds on VMS.
PR: 2393
2010-12-14 19:18:58 +00:00
Andy Polyakov
04221983ac bss_file.c: refine UTF8 logic [from HEAD].
PR: 2382
2010-12-11 14:54:48 +00:00
Dr. Stephen Henson
411a388c62 PR: 2386
Submitted by: Stefan Birrer <stefan.birrer@adnovum.ch>
Reviewed by: steve

Correct SKM_ASN1_SET_OF_d2i macro.
2010-12-02 18:02:14 +00:00
Dr. Stephen Henson
5566d49103 PR: 2385
Submitted by: Stefan Birrer <stefan.birrer@adnovum.ch>
Reviewed by: steve

Zero key->pkey.ptr after it is freed so the structure can be reused.
2010-11-30 19:45:31 +00:00
Dr. Stephen Henson
2c5c4fca14 apply J-PKAKE fix to HEAD (original by Ben) 2010-11-29 18:33:28 +00:00
Dr. Stephen Henson
4fab95ed20 Some of the MS_STATIC use in crypto/evp is a legacy from the days when
EVP_MD_CTX was much larger: it isn't needed anymore.
2010-11-27 17:35:56 +00:00
Dr. Stephen Henson
a618011ca1 add "missing" functions to copy EVP_PKEY_METHOD and examine info 2010-11-24 16:07:45 +00:00
Dr. Stephen Henson
ec1e714ac1 constify EVP_PKEY_new_mac_key() 2010-11-24 13:14:03 +00:00
Richard Levitte
e43633011c Give the architecture dependent directory higher priority 2010-11-23 01:05:32 +00:00
Andy Polyakov
7665b436f0 s390x.S: fix typo in bn_mul_words [from HEAD].
PR: 2380
2010-11-22 21:57:29 +00:00
Dr. Stephen Henson
ffca7b85c2 PR: 2376
Submitted by: Guenter <lists@gknw.net>
Reviewed by: steve

Cleanup alloca use, fix Win32 target for OpenWatcom.
2010-11-19 00:11:44 +00:00
Richard Levitte
b97d371ce0 We redid the structure on architecture dependent source files, but
apparently forgot to adapt the copying to the installation directory.
2010-11-18 20:02:54 +00:00
Dr. Stephen Henson
b3aa469c21 compile cts128.c on VMS 2010-11-18 17:04:37 +00:00
Dr. Stephen Henson
1bfe9acbbf PR: 2372
Submitted by: "W.C.A. Wijngaards" <wouter@nlnetlabs.nl>
Reviewed by: steve

Fix OpenBSD compilation failure.
2010-11-18 12:29:38 +00:00
Dr. Stephen Henson
19043426b9 backport AES EVP ctr mode changes from HEAD 2010-11-17 17:46:23 +00:00
Dr. Stephen Henson
975c6efbe4 sync OIDs with HEAD 2010-11-17 17:26:10 +00:00
Dr. Stephen Henson
972491aece If EVP_PKEY structure contains an ENGINE the key is ENGINE specific and
we should use its method instead of any generic one.
2010-11-16 12:11:31 +00:00
Dr. Stephen Henson
4444ff7632 Submitted by: Jonathan Dixon <joth@chromium.org>
Reviewed by: steve

If store is NULL set flags correctly.
2010-11-02 15:58:05 +00:00
Dr. Stephen Henson
7770da4b41 PR: 2295
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com>
Reviewed by: steve

OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code
elimination.
2010-10-11 23:25:23 +00:00
Andy Polyakov
7202a4d42b x86_64-xlate.pl: fix LNK4078 and LNK4210 link warnings [from HEAD].
PR: 2356
2010-10-10 21:12:18 +00:00
Dr. Stephen Henson
b9e468c163 We can't always read 6 bytes in an OCSP response: fix so error statuses
are read correctly for non-blocking I/O.
2010-10-06 18:01:14 +00:00
Dr. Stephen Henson
945ba0300d Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(),
this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.

Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
2010-10-03 18:56:25 +00:00
Andy Polyakov
9e15cc606e Alpha assembler pack: adapt for Linux [from HEAD].
PR: 2335
2010-09-13 20:32:53 +00:00
Andy Polyakov
9447da5065 crypto/bn/asm/s390x.S: drop redundant instructions [from HEAD]. 2010-09-10 14:55:34 +00:00
Andy Polyakov
387ed39f6d sparcv9cap.c: disengange Solaris-specific CPU detection routine in favour
of unified procedure relying on SIGILL [from HEAD].
PR: 2321
2010-09-05 19:48:19 +00:00
Dr. Stephen Henson
6f0d9950f3 fix bug in AES_unwrap() 2010-08-30 23:58:47 +00:00
Bodo Möller
4705ff7d6d More C language police work. 2010-08-27 13:17:58 +00:00
Bodo Möller
74b5feea7b C conformity fixes: Move declarations before statements in all blocks. 2010-08-27 12:07:12 +00:00
Bodo Möller
11a36aa96f C conformity fixes:
- Move declarations before statements in all blocks.
- Where 64-bit type is required, use it explicitly (not 1l).
2010-08-27 11:29:09 +00:00
Bodo Möller
42ecf418f5 (formatting error) 2010-08-26 14:38:49 +00:00
Bodo Möller
48ce525d16 New 64-bit optimized implementation EC_GFp_nistp224_method().
Binary compatibility is not affected as this will only be
compiled in if explicitly requested (#ifdef EC_NISTP224_64_GCC_128).

Submitted by: Emilia Kasper (Google)
2010-08-26 14:29:27 +00:00
Bodo Möller
82281ce47d ECC library bugfixes.
Submitted by: Emilia Kapser (Google)
2010-08-26 12:10:57 +00:00
Andy Polyakov
1657fca2f4 sha1-armv4-large.pl: reschedule instructions for dual-issue pipeline [from HEAD]
.
2010-08-03 15:36:52 +00:00
Andy Polyakov
0d25aad90d Make inline assembler clang-friendly [from HEAD]. 2010-08-02 21:54:48 +00:00
Andy Polyakov
b8c1cb1c2c alphacpuid.pl: fix brown-bag bug [from HEAD]. 2010-07-28 08:18:46 +00:00
Andy Polyakov
6e1d44fd56 Replace alphacpuid.s with alphacpuid.pl to ensure it makes to release tar-balls [from HEAD].
PR: 2309
2010-07-26 22:11:23 +00:00
Dr. Stephen Henson
160f9b5bf6 Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(),
this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.

Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
2010-07-21 16:23:59 +00:00
Andy Polyakov
4e2b990734 ARM assembler pack: reschedule instructions for dual-issue pipeline [from HEAD].
Modest improvement coefficients mean that code already had some
parallelism and there was not very much room for improvement. Special
thanks to Ted Krovetz for benchmarking the code with such patience.
2010-07-13 14:08:22 +00:00
Dr. Stephen Henson
6ca1418587 PR: 2297
Submitted by: Antony, Benoy <bantony@ebay.com>
Approved by: steve@openssl.org

Fix bug in AES wrap code when t > 0xff.
2010-07-09 17:25:46 +00:00
Andy Polyakov
b29b89ef21 rand_nw.c: compensate for gcc bug (using %edx instead of %eax at -O3)
[from HEAD].
PR: 2296
2010-07-08 09:15:49 +00:00
Andy Polyakov
f90bf72280 sparcv9cap.c: reiterate CPU detection logic [from HEAD]. 2010-07-08 07:52:36 +00:00
Dr. Stephen Henson
abcf7aa591 crypto/sparc*: elininate _sparcv9_rdwrasi [from HEAD], original from Andy. 2010-07-05 22:22:22 +00:00
Dr. Stephen Henson
40b6d49387 SPARCv9 assembler pack: refine CPU detection on Linux, fix for "unaligned
opcodes detected in executable segment" error [from HEAD], original from Andy.
2010-07-05 22:20:36 +00:00
Dr. Stephen Henson
c549810def update versions for 1.0.1 2010-06-16 13:48:00 +00:00
Dr. Stephen Henson
dfa81d9efb update README, fix opensslv.h 2010-06-16 13:37:22 +00:00
Dr. Stephen Henson
1dba06e7b0 update for next version 2010-06-16 13:34:33 +00:00
Dr. Stephen Henson
daac87be95 clarify comment 2010-06-16 13:17:22 +00:00
Dr. Stephen Henson
e97359435e Fix warnings (From HEAD, original patch by Ben). 2010-06-15 17:25:15 +00:00
Dr. Stephen Henson
9c7baca820 prepare for release 2010-06-01 13:31:38 +00:00
Dr. Stephen Henson
618265e645 Fix CVE-2010-1633 and CVE-2010-0742. 2010-06-01 13:17:06 +00:00
Andy Polyakov
938c0bbae1 x86_64-xlate.pl: updates from HEAD. 2010-06-01 05:57:26 +00:00
Dr. Stephen Henson
31c4ab5401 fix PR#2261 in a different way 2010-05-31 13:18:08 +00:00
Dr. Stephen Henson
1f65529824 PR: 2278
Submitted By: Mattias Ellert <mattias.ellert@fysast.uu.se>

Fix type checking macro SKM_ASN1_SET_OF_i2d
2010-05-29 12:49:48 +00:00
Dr. Stephen Henson
7a09bc4068 PR: 2258
Submitted By: Ger Hobbelt <ger@hobbelt.com>

Base64 BIO fixes:

Use OPENSSL_assert() instead of assert().
Use memmove() as buffers overlap.
Fix write retry logic.
2010-05-27 12:41:20 +00:00
Dr. Stephen Henson
deb15645a8 PR: 2266
Submitted By: Jonathan Gray <jsg@goblin.cx>

Correct ioctl definitions.
2010-05-26 23:23:44 +00:00
Dr. Stephen Henson
59d100d959 PR: 2251
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org

Memleak, BIO chain leak and realloc checks in v3_pci.c
2010-05-22 00:31:02 +00:00
Dr. Stephen Henson
dc4e1ddc9f PR: 2253
Submitted By: Ger Hobbelt <ger@hobbelt.com>

Check callback return value when outputting errors.
2010-05-15 00:36:12 +00:00
Dr. Stephen Henson
207886cd3a PR: 2244
Submitted By: "PMHager" <hager@dortmund.net>

Initialise pkey callback to 0.
2010-05-03 12:50:52 +00:00
Andy Polyakov
336d1ee733 bss_file.c: reserve for option to encode file name in UTF-8 on Windows
[from HEAD].
2010-04-28 20:04:37 +00:00
Andy Polyakov
bed2b769f5 md5-ia64.S: fix assembler warning [from HEAD]. 2010-04-20 20:41:23 +00:00
Dr. Stephen Henson
26029d9c4c PR: 2241
Submitted By: Artemy Lebedev <vagran.ast@gmail.com>

Typo.
2010-04-20 12:53:05 +00:00
Dr. Stephen Henson
4fae54a8e0 PR: 2235
Submitted By: Bruce Stephens <bruce.stephens@isode.com>

Make ts/Makefile consistent with other Makefiles.
2010-04-14 23:04:19 +00:00
Andy Polyakov
9f35928719 x86_64cpuid.pl: ml64 is allergic to db on label line [from HEAD]. 2010-04-14 19:25:09 +00:00
Andy Polyakov
8a898a6fcc [co]cf128.c: fix "n=0" bug [from HEAD]. 2010-04-14 07:47:53 +00:00
Richard Levitte
2c25edc4c1 Too long symbols 2010-04-13 14:36:58 +00:00
Richard Levitte
d2f098b33d Spelling 2010-04-13 14:34:48 +00:00
Andy Polyakov
c73cff12f1 aes-ppc.pl: 10% performance improvement on Power6 [from HEAD]. 2010-04-10 14:54:34 +00:00
Andy Polyakov
b32d93840e cryptlib.c: allow application to override OPENSSL_isservice [from HEAD]. 2010-04-10 14:13:12 +00:00
Andy Polyakov
cb457849fd ctr129.c: fix typo, simplify ctr128_inc and fix "n=0" bug [from HEAD]. 2010-04-10 13:47:11 +00:00
Andy Polyakov
20dc93e49e sparccpuid.S: some assembler is allergic to apostrophes in comments [from HEAD]. 2010-04-10 13:37:06 +00:00
Andy Polyakov
b620447dcc alpha-mont.pl: comply with stack alignment requirement [from HEAD]. 2010-04-10 13:33:46 +00:00
Dr. Stephen Henson
5b0a79a27a PR: 2220
Fixes to make OpenSSL compile with no-rc4
2010-04-06 11:18:32 +00:00