Commit graph

43 commits

Author SHA1 Message Date
Richard Levitte
a2617f727d Don't use $(EXHEADER) directly in for loops, as most shells will break
if $(EXHEADER) is empty.

Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-11-02 23:53:31 +00:00
Richard Levitte
ee478901b0 Make sure memmove() is defined, even on SunOS 4.1.4.
PR: 963
2004-11-01 07:58:43 +00:00
Andy Polyakov
4157fae6fe Sync aes_ctr.c with HEAD. 2004-08-23 22:28:27 +00:00
Andy Polyakov
a77b16abd4 IA-64 is intolerant to misaligned access. It was a problem on Win64 as
we were mislead by _MSC_VER macro, which is defined by *all* Windows
Microsoft compilers.
2004-07-17 12:54:54 +00:00
Richard Levitte
5affe206e1 Define FIPS_*_SIZE_T for AES, DSA and RSA as well, in preparation for
size_t-ification of those algorithms in future version of OpenSSL...
2004-05-19 14:16:33 +00:00
Ben Laurie
3642f632d3 Pull FIPS back into stable. 2004-05-11 12:46:24 +00:00
Richard Levitte
cc056d6395 Use sh explicitely to run point.sh
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 15:00:24 +00:00
Richard Levitte
db5b10fab5 Removing those memcpy()s also took away the possibility for in and out to
be the same.  Therefore, the removed memcpy()s need to be restored.
2003-10-29 06:21:25 +00:00
Richard Levitte
fa5846e58b Correct serious bug in AES-CBC decryption when the message length isn't
a multiple of AES_BLOCK_SIZE.
Optimize decryption of all complete blocks in AES-CBC by removing an
unnecessary memcpy().

The error was notified by James Fernandes <jf210032@exchange.DAYTONOH.NCR.com>.
The unnecessary memcpy() was found as an effect of investigating that error.
2003-10-15 09:00:18 +00:00
Richard Levitte
4ed9388e5d A new branch for FIPS-related changes has been created with the name
OpenSSL-fips-0_9_7-stable.

Since the 0.9.7-stable branch is supposed to be in freeze and should
only contain bug corrections, this change removes the FIPS changes
from that branch.
2003-08-11 09:37:17 +00:00
Ben Laurie
f3b2ea53e2 AES CFB8. 2003-07-29 17:05:16 +00:00
Ben Laurie
e8f8249319 Working CFB1 and test vectors. 2003-07-29 10:56:56 +00:00
Ben Laurie
e2ced802b4 Add support for partial CFB modes, make tests work, update dependencies. 2003-07-28 15:08:00 +00:00
Ben Laurie
75622f1ece Unfinished FIPS stuff for review/improvement. 2003-07-27 17:00:51 +00:00
Ben Laurie
a052dd6532 Add untested CFB-r mode. Will be tested soon. 2003-07-27 13:46:57 +00:00
Richard Levitte
5f24adda77 Oops, I forgot to replace 'counter' with 'ivec' when used... 2003-07-03 20:50:46 +00:00
Richard Levitte
ba64c2cc8f The 'counter' is really the IV. 2003-07-03 06:42:45 +00:00
Richard Levitte
29e62e487f Change AES-CTR to increment the IV by 1 instead of 2^64. 2003-07-03 06:41:33 +00:00
Richard Levitte
4eebab0d22 The output from AES_cbc_encrypt() should be exact multiple blocks when encrypting 2003-06-10 04:11:46 +00:00
Andy Polyakov
246f2b016b Workaround for lame compiler bug introduced in "CPU pack" for MSVC6SP5. 2003-01-23 10:05:59 +00:00
Richard Levitte
d7de7bcf3e Make AES_ENCRYPT and AES_DECRYPT macros instead of static constants.
PR: 411
2002-12-20 18:21:38 +00:00
Richard Levitte
29ca164513 WinCE patches 2002-11-15 22:44:08 +00:00
Richard Levitte
5bf0d0ea1e Remove warnings. 2002-11-14 15:58:01 +00:00
Bodo Möller
e2c2152be9 disable weird assert()s 2002-11-13 14:01:19 +00:00
Ben Laurie
9831d941ca Many security improvements (CHATS) and a warning fix. 2002-11-12 13:23:40 +00:00
Richard Levitte
3d470fc7b7 Make the CBC mode od AES accept lengths that aren't multiples of 16.
PR: 330
2002-11-12 11:00:35 +00:00
Richard Levitte
9a01bc0732 Add more commentary. Check that *num is smaller than the block size. 2002-10-11 22:42:40 +00:00
Richard Levitte
dbcc560717 The AES CTR API was buggy, we need to save the encrypted counter as well
between calls, or that will be lost if it returned with *num non-zero.
2002-10-11 22:37:44 +00:00
Richard Levitte
ff90d659e6 Use double dashes so makedepend doesn't misunderstand the flags we
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
2002-10-09 13:21:33 +00:00
Richard Levitte
ca55c617e5 Pass CFLAG to dependency makers, so non-standard system include paths are
handled properly.
Part of PR 75
2002-06-27 16:44:52 +00:00
Bodo Möller
7a68e6aad1 always include <string.h> (we do this in various other header files,
so it can't be bad)

PR: 102
2002-06-18 09:35:29 +00:00
Richard Levitte
90b480f2af In CFB mode, the iv is always encrypted. 2002-05-31 13:07:45 +00:00
Richard Levitte
6c98ed520d Correct AES counter mode, which incorrectly incremented the counter before
using it.
PR: 56
2002-05-30 14:06:17 +00:00
Richard Levitte
3d59821134 make update 2002-02-26 14:37:25 +00:00
Richard Levitte
bd53a054b1 Merg in recent changes from the main trunk. 2002-02-20 12:28:32 +00:00
Richard Levitte
58133d22a8 Add the modes OFB128, CFB128 and CTR128 to AES.
Submitted by Stephen Sprunk <stephen@sprunk.org>
2002-02-16 12:21:43 +00:00
cvs2svn
330e5c5460 This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_7-stable'.
2002-02-16 12:20:35 +00:00
Richard Levitte
97879bcd57 Add the modes OFB128, CFB128 and CTR128 to AES.
Submitted by Stephen Sprunk <stephen@sprunk.org>
2002-02-16 12:20:34 +00:00
Richard Levitte
f6fbd470e3 It looks like I didn't remove everything that has to do with the
non-existant aestest.c.
2002-01-26 04:45:37 +00:00
Richard Levitte
72165799a8 There is no aestest currently. The EVP tester is used to check the
AES algorithm.
2002-01-25 07:52:25 +00:00
Ben Laurie
9dd5ae6553 Constification, add config to /dev/crypto. 2002-01-18 16:51:05 +00:00
Geoff Thorpe
e4dd79bbc8 - Add the same header stuff to aes_locl.h as is in des_locl.h to avoid
undefined functions (memset, etc).
- Put a .cvsignore in the aes directory too.
2002-01-05 12:55:08 +00:00
Richard Levitte
6f9079fd50 Because Rijndael is more known as AES, use crypto/aes instead of
crypto/rijndael.  Additionally, I applied the AES integration patch
from Stephen Sprunk <stephen@sprunk.org> and fiddled it to work
properly with the normal EVP constructs (and incidently work the same
way as all other symmetric cipher implementations).

This results in an API that looks a lot like the rest of the OpenSSL
cipher suite.
2002-01-02 16:55:35 +00:00