wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
10404 commits 20 branches 302 tags 153 MiB
Commit graph

5384 commits

Author SHA1 Message Date
Ben Laurie
0de5a0feee Work around macro issue with FreeBSD and gcc 4.6. 2012-05-18 12:40:28 +00:00
Andy Polyakov
67fda0c12e ppccap.c: assume no features under 32-bit AIX kernel [from HEAD]. 
PR: 2810
 2012-05-16 18:18:14 +00:00
Dr. Stephen Henson
1dded7f7e8 Experimental multi-implementation support for FIPS capable OpenSSL. 
When in FIPS mode the approved implementations are used as normal,
when not in FIPS mode the internal unapproved versions are used instead.
This means that the FIPS capable OpenSSL isn't forced to use the
(often lower perfomance) FIPS implementations outside FIPS mode.
 2012-05-13 18:40:12 +00:00
Dr. Stephen Henson
482f238069 PR: 2813 
Reported by: Constantine Sapuntzakis <csapuntz@gmail.com>

Fix possible deadlock when decoding public keys.
 2012-05-11 13:53:23 +00:00
Dr. Stephen Henson
24547c23ca Reported by: Solar Designer of Openwall 
Make sure tkeylen is initialised properly when encrypting CMS messages.
 2012-05-10 13:44:24 +00:00
Andy Polyakov
95416ce5b3 ppccpuid.pl: branch hints in OPENSSL_cleanse impact small block performance 
of digest algorithms, mosty SHA, on Power7. Mystery of century, why SHA,
why slower algorithm are affected more... [from HEAD].
PR: 2794
Submitted by: Ashley Lai
 2012-04-27 20:19:23 +00:00
Andy Polyakov
8e7ccf6ff7 objxref.pl: improve portability [from HEAD]. 2012-04-22 21:19:41 +00:00
Dr. Stephen Henson
51b77c0337 correct error code 2012-04-22 13:31:19 +00:00
Dr. Stephen Henson
1cc8410e36 PR: 2239 
Submitted by: Dominik Oepen <oepen@informatik.hu-berlin.de>

Add Brainpool curves from RFC5639.

Original patch by Annie Yousar <a.yousar@informatik.hu-berlin.de>
 2012-04-22 13:11:48 +00:00
Andy Polyakov
6ca7af9ec0 e_rc4_hmac_md5.c: reapply commit#21726, which was erroneously omitted [from 1.0.1]. 
PR: 2797, 2792
 2012-04-20 21:45:21 +00:00
Dr. Stephen Henson
bc2c8efc80 call OPENSSL_init when calling FIPS_mode too 2012-04-20 14:43:14 +00:00
Dr. Stephen Henson
00bb875240 make ciphers work again for FIPS builds 2012-04-20 00:08:32 +00:00
Andy Polyakov
c3cb563d87 e_rc4_hmac_md5.c: last commit was inappropriate for non-x86[_64] platforms 
[from HEAD].
PR: 2792
 2012-04-19 20:42:24 +00:00
Dr. Stephen Henson
564a503b1b Check for potentially exploitable overflows in asn1_d2i_read_bio 
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.

Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
 2012-04-19 16:19:07 +00:00
Dr. Stephen Henson
068fc255ac only call FIPS_cipherinit in FIPS mode 2012-04-18 22:42:06 +00:00
Andy Polyakov
cc8f2fb917 e_rc4_hmac_md5.c: update from HEAD, fixes crash on legacy Intel CPUs. 
PR: 2792
 2012-04-18 17:51:26 +00:00
Dr. Stephen Henson
b583ebb7dd recognise X9.42 DH certificates on servers 2012-04-18 17:03:45 +00:00
Andy Polyakov
f6a1939f0f OPENSSL_NO_SOCK fixes [from HEAD]. 
PR: 2791
Submitted by: Ben Noordhuis
 2012-04-16 17:43:02 +00:00
Andy Polyakov
94c666479d Minor compatibility fixes [from HEAD]. 
PR: 2790
Submitted by: Alexei Khlebnikov
 2012-04-16 17:35:48 +00:00
Andy Polyakov
eb8a65db16 e_aes_cbc_hmac_sha1.c: handle zero-length payload and engage empty frag 
countermeasure [from HEAD].

PR: 2778
 2012-04-15 14:23:26 +00:00
Andy Polyakov
e6255a7d1e s390x asm pack: fix typos. 2012-04-12 06:46:49 +00:00
Dr. Stephen Henson
65331f225a oops, macro not present in OpenSSL 1.0.2 2012-04-11 15:10:48 +00:00
Dr. Stephen Henson
64e8dc7981 fix reset fix 2012-04-11 15:05:33 +00:00
Dr. Stephen Henson
737fe7ea29 make reinitialisation work for CMAC 2012-04-11 12:26:27 +00:00
Andy Polyakov
bc0f56d6d7 aes-s390x.pl: fix crash in AES_set_decrypt_key in linux32-s390x build [from HEAD]. 2012-04-09 15:12:30 +00:00
Dr. Stephen Henson
c3cb069108 transparently handle X9.42 DH parameters 
(backport from HEAD)
 2012-04-07 20:42:44 +00:00
Dr. Stephen Henson
491734eb21 Initial experimental support for X9.42 DH parameter format to handle 
RFC5114 parameters and X9.42 DH public and private keys.
(backport from HEAD)
 2012-04-07 20:22:11 +00:00
Dr. Stephen Henson
4e891a191d branches: 1.2.2; 
Correct some parameter values.
(backport from HEAD)
 2012-04-07 17:41:51 +00:00
Dr. Stephen Henson
b73a69a9c2 Update DH_check() to peform sensible checks when q parameter is present. 
(backport from HEAD)
 2012-04-07 17:40:08 +00:00
Dr. Stephen Henson
e811eff5a9 Add RFC5114 DH parameters to OpenSSL. Add test data to dhtest. 
(backport from HEAD)
 2012-04-07 12:19:50 +00:00
Dr. Stephen Henson
a068a1d0e3 Add new APIs EC_curve_nist2nid and EC_curve_nid2nist which convert 
between NIDs and the more common NIST names such as "P-256". Enhance
ecparam utility and ECC method to recognise the NIST names for curves.
(backport from HEAD)
 2012-04-06 17:35:01 +00:00
Dr. Stephen Henson
0cb9dbed4e Backport: allow key agreement in SSL/TLS certificates (from HEAD) 2012-04-06 11:36:35 +00:00
Andy Polyakov
8cd2ea552e aes-armv4.pl: make it more foolproof [inspired by aes-s390x.pl in 1.0.1]. 2012-04-05 08:32:08 +00:00
Andy Polyakov
3f0becbf75 aes-s390x.pl: fix endless loop in linux32-s390x build [from 1.0.1]. 2012-04-05 08:17:47 +00:00
Andy Polyakov
7b087bf4a9 modes_lcl.h: make it work on i386 [from HEAD]. 
PR: 2780
 2012-03-31 17:03:43 +00:00
Andy Polyakov
9df9c9d102 vpaes-x86[_64].pl: handle zero length in vpaes_cbc_encrypt [from HEAD]. 
PR: 2775
 2012-03-31 16:55:34 +00:00
Andy Polyakov
265863c6a4 bn/bn_gf2m.c: make new BN_GF2m_mod_inv work with BN_DEBUG_RAND [from HEAD]. 2012-03-30 17:41:00 +00:00
Andy Polyakov
2fee1e0666 ans1/tasn_prn.c: avoid bool in variable names [from HEAD]. 
PR: 2776
 2012-03-29 19:11:59 +00:00
Andy Polyakov
b4ff166cbc perlasm/x86masm.pl: fix last fix [from HEAD]. 2012-03-29 19:11:08 +00:00
Dr. Stephen Henson
861a0722c2 fix leak 2012-03-22 16:28:21 +00:00
Dr. Stephen Henson
b1cef8d984 Submitted by: Markus Friedl <mfriedl@gmail.com> 
Fix memory leaks in 'goto err' cases.
 2012-03-22 15:43:28 +00:00
Dr. Stephen Henson
b911523977 set version to 1.0.2-dev 2012-03-22 15:29:21 +00:00
Andy Polyakov
d68d160cb7 bsaes-x86_64.pl: optimize key conversion [from HEAD]. 2012-03-16 21:45:51 +00:00
Dr. Stephen Henson
f3dcae15ac prepare for 1.0.1 release 2012-03-14 12:04:40 +00:00
Andy Polyakov
bcf9cf89e7 x86_64-xlate.pl: remove old kludge. 
PR: 2435,2440
 2012-03-13 19:19:31 +00:00
Dr. Stephen Henson
f0729fc3e0 corrected fix to PR#2711 and also cover mime_param_cmp 2012-03-12 16:29:47 +00:00
Dr. Stephen Henson
8186c00ef3 Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and 
continue with symmetric decryption process to avoid leaking timing
information to an attacker.

Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
 2012-03-12 16:27:50 +00:00
Dr. Stephen Henson
66fdb1c0d4 check return value of BIO_write in PKCS7_decrypt 2012-03-08 14:02:51 +00:00
Dr. Stephen Henson
25bfdca16a PR: 2755 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Reduce MTU after failed transmissions.
 2012-03-06 13:47:27 +00:00
Richard Levitte
70505bc334 For OpenVMS, use inttypes.h instead of stdint.h 2012-03-01 21:29:16 +00:00
Dr. Stephen Henson
a8595879ec PR: 2742 
Reported by: Dmitry Belyavsky <beldmit@gmail.com>

If resigning with detached content in CMS just copy data across.
 2012-02-29 14:01:53 +00:00
Dr. Stephen Henson
33a688e806 Fix memory leak cause by race condition when creating public keys. 
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
 2012-02-28 14:47:16 +00:00
Andy Polyakov
5c2bfad9b4 x86cpuid.pl: fix processor capability detection on pre-586 [from HEAD]. 2012-02-28 14:20:34 +00:00
Dr. Stephen Henson
250f979237 PR: 2736 
Reported by: Remi Gacogne <rgacogne-bugs@coredump.fr>

Preserve unused bits value in non-canonicalised ASN1_STRING structures
by using ASN1_STRING_copy which preseves flags.
 2012-02-27 18:45:18 +00:00
Dr. Stephen Henson
b527b6e8ff PR: 2737 
Submitted by: Remi Gacogne <rgacogne-bugs@coredump.fr>

Fix double free in PKCS12_parse if we run out of memory.
 2012-02-27 16:46:45 +00:00
Dr. Stephen Henson
4ed1f3490e PR: 2735 
Make cryptodev digests work. Thanks to Nikos Mavrogiannopoulos for
this fix.
 2012-02-27 16:33:25 +00:00
Dr. Stephen Henson
0a082e9b37 free headers after use in error message 2012-02-27 16:27:09 +00:00
Dr. Stephen Henson
236a99a409 Detect symmetric crypto errors in PKCS7_decrypt. 
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
 2012-02-27 15:22:54 +00:00
Andy Polyakov
37ebc20093 seed.c: Solaris portability fix from HEAD. 2012-02-26 21:53:28 +00:00
Dr. Stephen Henson
cef781cc87 PR: 2730 
Submitted by: Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>

VMS fixes: disable SCTP by default.
 2012-02-25 17:58:03 +00:00
Dr. Stephen Henson
08e4c7a967 correct CHANGES 2012-02-23 22:13:59 +00:00
Dr. Stephen Henson
697e4edcad PR: 2711 
Submitted by: Tomas Mraz <tmraz@redhat.com>

Tolerate bad MIME headers in parser.
 2012-02-23 21:50:32 +00:00
Dr. Stephen Henson
b26297ca51 PR: 2696 
Submitted by: Rob Austein <sra@hactrn.net>

Fix inverted range problem in RFC3779 code.

Thanks to Andrew Chi for generating test cases for this bug.
 2012-02-23 21:31:22 +00:00
Dr. Stephen Henson
6ca7dba0cf PR: 2727 
Submitted by: Bruce Stephens <bruce.stephens@isode.com>

Use same construct for EXHEADER in srp/Makefile as other makefiles to cope
with possibly empty EXHEADER.
 2012-02-23 13:49:22 +00:00
Dr. Stephen Henson
0cd7a0325f Additional compatibility fix for MDC2 signature format. 
Update RSA EVP_PKEY_METHOD to use the OCTET STRING form of MDC2 signature:
this will make all versions of MDC2 signature equivalent.
 2012-02-15 14:14:01 +00:00
Dr. Stephen Henson
16b7c81d55 An incompatibility has always existed between the format used for RSA 
signatures and MDC2 using EVP or RSA_sign. This has become more apparent
when the dgst utility in OpenSSL 1.0.0 and later switched to using the
EVP_DigestSign functions which call RSA_sign.

This means that the signature format OpenSSL 1.0.0 and later used with
dgst -sign and MDC2 is incompatible with previous versions.

Add detection in RSA_verify so either format works.

Note: MDC2 is disabled by default in OpenSSL and very rarely used in practice.
 2012-02-15 14:00:09 +00:00
Dr. Stephen Henson
c714e43c8d PR: 2717 
Submitted by: Tim Rice <tim@multitalents.net>

Make compilation work on OpenServer 5.0.7
 2012-02-11 23:38:49 +00:00
Dr. Stephen Henson
8705846710 only cleanup ctx if we need to, save ctx flags when we do 2012-02-10 16:54:56 +00:00
Andy Polyakov
d06f047b04 bn_nist.c: make new optimized code dependent on BN_LLONG [from HEAD]. 2012-02-02 07:46:19 +00:00
Andy Polyakov
ddc899bada hpux-parisc2-*: engage assembler [from HEAD] and make it link. 2012-02-02 07:42:31 +00:00
Andy Polyakov
bd479e25c7 ghash-x86.pl: engage original MMX version in no-sse2 builds [from HEAD]. 2012-01-25 17:56:25 +00:00
Andy Polyakov
eaf5bd168e x86_64-xlate.pl: 1.0.1-specific typo. 2012-01-25 17:50:23 +00:00
Dr. Stephen Henson
11ea212e8c only include evp.h once 2012-01-24 22:59:46 +00:00
Dr. Stephen Henson
cb29d8c11f only include string.h once 2012-01-24 22:58:46 +00:00
Andy Polyakov
f02f7c2c4a cryptlib.c: make even non-Windows builds "strtoull-agnostic" [from HEAD]. 2012-01-21 12:18:29 +00:00
Andy Polyakov
a1e44cc14f x86_64-xlate.pl: proper solution for RT#2620 [from HEAD]. 2012-01-21 11:35:20 +00:00
Dr. Stephen Henson
d2d09bf68c change version to beta3-dev 2012-01-19 17:14:17 +00:00
Dr. Stephen Henson
463e76b63c prepare for beta2 2012-01-19 15:37:57 +00:00
Dr. Stephen Henson
7b23c126e6 undef some symbols that cause problems with make depend for fips builds 2012-01-18 01:40:36 +00:00
Andy Polyakov
4fb7e2b445 Fix OPNESSL vs. OPENSSL typos [from HEAD]. 
PR: 2613
Submitted by: Leena Heino
 2012-01-15 13:40:21 +00:00
Dr. Stephen Henson
9138e3c061 fix warning 2012-01-15 13:30:52 +00:00
Andy Polyakov
9b2a29660b Sanitize usage of <ctype.h> functions. It's important that characters 
are passed zero-extended, not sign-extended [from HEAD].
PR: 2682
 2012-01-12 16:28:03 +00:00
Andy Polyakov
b7b4a9fa57 sparcv9cap.c: omit unused variable. 2012-01-12 14:19:52 +00:00
Andy Polyakov
958e6a75a1 asn1/t_x509.c: fix serial number print, harmonize with a_int.c [from HEAD]. 
PR: 2675
Submitted by: Annie Yousar
 2012-01-11 21:12:47 +00:00
Andy Polyakov
397977726c aes-sparcv9.pl: clean up regexp [from HEAD]. 
PR: 2685
 2012-01-11 15:32:08 +00:00
Dr. Stephen Henson
285d9189c7 PR: 2652 
Submitted by: Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>

OpenVMS fixes.
 2012-01-05 14:30:08 +00:00
Dr. Stephen Henson
2f97765bc3 Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577) 2012-01-04 23:01:19 +00:00
Dr. Stephen Henson
3205ca8deb fix warnings 2012-01-04 14:46:04 +00:00
Dr. Stephen Henson
ab585551c0 prepare for 1.0.1-beta1 2012-01-03 13:30:28 +00:00
Dr. Stephen Henson
6cf0d7b999 OpenSSL 1.0.1 is now in beta. 2012-01-02 18:28:28 +00:00
Dr. Stephen Henson
9d972207f0 incomplete provisional OAEP CMS decrypt support 2012-01-02 18:16:40 +00:00
Dr. Stephen Henson
5c05f69450 make update 2011-12-27 14:38:27 +00:00
Dr. Stephen Henson
f529dca488 fix error code 2011-12-27 14:37:43 +00:00
Dr. Stephen Henson
e065e6cda2 PR: 2535 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Add SCTP support for DTLS (RFC 6083).
 2011-12-25 14:45:40 +00:00
Dr. Stephen Henson
62308f3f4a PR: 2563 
Submitted by: Paul Green <Paul.Green@stratus.com>
Reviewed by: steve

Improved PRNG seeding for VOS.
 2011-12-19 17:02:35 +00:00
Andy Polyakov
700384be8e vpaes-x86.pl: revert previous commit and solve the problem through x86masm.pl [from HEAD]. 
PR: 2657
 2011-12-15 22:20:26 +00:00
Dr. Stephen Henson
b8a22c40e0 PR: 1794 
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve

Remove unnecessary code for srp and to add some comments to
s_client.

- the callback to provide a user during client connect is
no longer necessary since rfc 5054 a connection attempt
with an srp cipher and no user is terminated when the
cipher is acceptable

- comments to indicate in s_client the (non-)usefulness of
th primalaty tests for non known group parameters.
 2011-12-14 22:18:03 +00:00
Andy Polyakov
3918de9ad1 vpaes-x86.pl: portability fix. 
PR: 2657
 2011-12-14 21:30:25 +00:00
Andy Polyakov
7b467c6b81 modexp512-x86_64.pl: Solaris portability fix [from HEAD]. 
PR: 2656
 2011-12-12 15:12:09 +00:00
Dr. Stephen Henson
e559febaf1 typo 2011-12-10 01:37:55 +00:00
Ben Laurie
6a4b87eb9d Fix warning. 2011-12-09 20:15:48 +00:00
Andy Polyakov
edcba19c23 perlasm/x86gas.pl: give a hand old assemblers assembling loop instruction 
[from HEAD].
 2011-12-09 19:16:35 +00:00
Andy Polyakov
b140ae9137 cryptlib.c: allow for OPENSSL_ia32cap=~0x????? syntax for environment value 
in question.
 2011-12-09 15:46:41 +00:00
Andy Polyakov
8ee0591f28 x86-mont.pl: fix bug in integer-only squaring path. 
PR: 2648
 2011-12-09 14:26:28 +00:00
Ben Laurie
825e1a7c56 Fix warnings. 2011-12-02 14:39:41 +00:00
Bodo Möller
a0dce9be76 Fix ecdsatest.c. 
Submitted by: Emilia Kasper
 2011-12-02 12:40:42 +00:00
Bodo Möller
cf2b938529 Fix BIO_f_buffer(). 
Submitted by: Adam Langley
Reviewed by: Bodo Moeller
 2011-12-02 12:24:48 +00:00
Andy Polyakov
62f685a9cd bn/asm/mips.pl: fix typos [from HEAD]. 2011-12-01 12:17:20 +00:00
Dr. Stephen Henson
a310428527 Workaround so "make depend" works for fips builds. 2011-11-22 12:50:59 +00:00
Andy Polyakov
0a8f00af34 bsaes-x86_64.pl: fix buffer overrun in tail processing [from HEAD]. 2011-11-16 23:36:40 +00:00
Ben Laurie
060a38a2c0 Add DTLS-SRTP. 2011-11-15 23:02:16 +00:00
Andy Polyakov
58402976b4 aes-armv4.pl: make it link. 2011-11-15 13:55:52 +00:00
Andy Polyakov
cd7b854bbb e_rc4_hmac_md5.c: make it work on darwin64, which is configured with RC4_CHAR. 2011-11-15 12:39:48 +00:00
Andy Polyakov
aecc0756e8 aes-s390x.pl: make it link. 2011-11-15 12:20:55 +00:00
Andy Polyakov
e6ccc6ed70 Configure, e_aes.c: allow for XTS assembler implementation [from HEAD]. 2011-11-15 12:19:56 +00:00
Andy Polyakov
e959a01fac e_aes.c: jumbo update from HEAD. 2011-11-14 21:17:08 +00:00
Andy Polyakov
17674bfdf7 ec_cvt.c: performance update from HEAD. 2011-11-14 21:14:53 +00:00
Andy Polyakov
d807d4c21f c_allc.c: add XTS ciphers [from HEAD]. 2011-11-14 21:13:35 +00:00
Andy Polyakov
2357ae17e7 x86 assembler pack update from HEAD. 2011-11-14 21:06:50 +00:00
Andy Polyakov
9f1c5491d2 BN update from HEAD. 2011-11-14 21:05:42 +00:00
Andy Polyakov
70b52222f5 x86_64 assembler pack update from HEAD. 2011-11-14 21:01:21 +00:00
Andy Polyakov
88cb59727c ARM assembler pack update from HEAD. 2011-11-14 20:58:01 +00:00
Andy Polyakov
781bfdc314 Alpha assembler pack update from HEAD. 2011-11-14 20:56:15 +00:00
Andy Polyakov
b66723b23e MIPS assembler pack update from HEAD. 2011-11-14 20:55:24 +00:00
Andy Polyakov
cf96d71c22 PPC assembler pack update from HEAD. 2011-11-14 20:54:17 +00:00
Andy Polyakov
1a111921da PA-RISC assembler pack update from HEAD. 2011-11-14 20:50:15 +00:00
Andy Polyakov
5d9bb428bb SPARCv9 assembler pack update from HEAD. 2011-11-14 20:48:35 +00:00
Andy Polyakov
9833757b5d s390x assembler pack update from HEAD. 2011-11-14 20:47:22 +00:00
Andy Polyakov
4195343c0d IA64 assembler pack update from HEAD. 2011-11-14 20:45:57 +00:00
Andy Polyakov
042bee4e5c perlasm update from HEAD. 2011-11-14 20:44:20 +00:00
Andy Polyakov
4afba1f3d9 Mafiles updates to accomodate assembler update from HEAD. 2011-11-14 20:42:22 +00:00
Dr. Stephen Henson
5999d45a5d DH keys have an (until now) unused 'q' parameter. When creating from DSA copy 
q across and if q present generate DH key in the correct range. (from HEAD)
 2011-11-14 14:16:09 +00:00
Dr. Stephen Henson
f69e5d6a19 Call OPENSSL_init after we've checked to see if customisation is permissible. 2011-11-14 14:15:29 +00:00
Ben Laurie
3517637702 Ignorance. 2011-11-14 02:42:26 +00:00
Ben Laurie
4c02cf8ecc make depend. 2011-11-13 20:23:34 +00:00
Andy Polyakov
6471ec71aa x86cpuid.pl: compensate for imaginary virtual machines [from HEAD]. 
PR: 2633
 2011-11-08 21:28:14 +00:00
Andy Polyakov
cb45708061 x86cpuid.pl: don't punish "last-year" OSes on "this-year" CPUs. 
PR: 2633
 2011-11-05 10:44:25 +00:00
Andy Polyakov
02597f2885 ppc.pl: fix bug in bn_mul_comba4 [from HEAD]. 
PR: 2636
Submitted by: Charles Bryant
 2011-11-05 10:16:30 +00:00
Richard Levitte
8c6a514edf Add missing algorithms to disable, and in particular, disable 
EC_NISTP_64_GCC_128 by default, as GCC isn't currently supported on
VMS.  Add CMAC to the modules to build, and synchronise with Unix.
 2011-10-30 11:45:30 +00:00
Dr. Stephen Henson
a8d72c79db PR: 2632 
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve

Return -1 immediately if not affine coordinates as BN_CTX has not been
set up.
 2011-10-26 16:43:23 +00:00
Dr. Stephen Henson
03f84c8260 Update error codes for FIPS. 
Add support for authentication in FIPS_mode_set().
 2011-10-21 13:04:27 +00:00
Bodo Möller
67f8de9ab8 "make update" 2011-10-19 15:24:44 +00:00
Bodo Möller
2d95ceedc5 BN_BLINDING multi-threading fix. 
Submitted by: Emilia Kasper (Google)
 2011-10-19 14:58:59 +00:00
Bodo Möller
3d520f7c2d Fix warnings. 
Also, use the common Configure mechanism for enabling/disabling the 64-bit ECC code.
 2011-10-19 08:58:35 +00:00
Bodo Möller
9c37519b55 Improve optional 64-bit NIST-P224 implementation, and add NIST-P256 and 
NIST-P521. (Now -DEC_NISTP_64_GCC_128 enables all three of these;
-DEC_NISTP224_64_GCC_128 no longer works.)

Submitted by: Google Inc.
 2011-10-18 19:43:54 +00:00
Andy Polyakov
a99ce1f5b1 e_aes.c: fix bug in aesni_gcm_tls_cipher [in HEAD]. 2011-10-14 09:34:14 +00:00
Andy Polyakov
42660b3cf1 aesni-x86[_64].pl: pull from HEAD. 2011-10-14 09:21:03 +00:00
Bodo Möller
93ff4c69f7 Make CTR mode behaviour consistent with other modes: 
clear ctx->num in EVP_CipherInit_ex

Submitted by: Emilia Kasper
 2011-10-13 13:42:29 +00:00
Dr. Stephen Henson
6841abe842 update pkey method initialisation and copy 2011-10-11 18:16:02 +00:00
Dr. Stephen Henson
cb70355d87 Backport ossl_ssize_t type from HEAD. 2011-10-10 22:33:50 +00:00