Richard Levitte
4ed9388e5d
A new branch for FIPS-related changes has been created with the name
...
OpenSSL-fips-0_9_7-stable.
Since the 0.9.7-stable branch is supposed to be in freeze and should
only contain bug corrections, this change removes the FIPS changes
from that branch.
2003-08-11 09:37:17 +00:00
Ben Laurie
75622f1ece
Unfinished FIPS stuff for review/improvement.
2003-07-27 17:00:51 +00:00
Richard Levitte
75e3026a14
Cleanse memory using the new OPENSSL_cleanse() function.
...
I've covered all the memset()s I felt safe modifying, but may have missed some.
2002-11-28 08:09:03 +00:00
Bodo Möller
f9b0f47c0c
copyright
2001-09-10 14:51:19 +00:00
Bodo Möller
ea7150b070
The various hash #includes in rand_lcl.h *are* needed despite
...
<openssl/evp.h> is now used (MD_DIGEST_LENGTH definitions!).
No need to include such headers directly in md_rand.c.
2001-09-07 23:55:15 +00:00
Ben Laurie
da8a2e6f90
Now need sha.h for some reason.
2001-09-07 11:44:17 +00:00
Ben Laurie
d66ace9da5
Start to reduce some of the header bloat.
2001-08-05 18:02:16 +00:00
Ben Laurie
dbad169019
Really add the EVP and all of the DES changes.
2001-07-30 23:57:25 +00:00
Bodo Möller
daba492c3a
md_rand.c thread safety
2001-07-25 17:17:24 +00:00
Bodo Möller
badb910f3c
Avoid race condition.
...
Submitted by: Travis Vitek <vitek@roguewave.com>
2001-07-24 12:31:14 +00:00
Bodo Möller
e9ad0d2c31
Fix PRNG.
2001-07-10 10:49:34 +00:00
Dr. Stephen Henson
323f289c48
Change all calls to low level digest routines in the library and
...
applications to use EVP. Add missing calls to HMAC_cleanup() and
don't assume HMAC_CTX can be copied using memcpy().
Note: this is almost identical to the patch submitted to openssl-dev
by Verdon Walker <VWalker@novell.com> except some redundant
EVP_add_digest_()/EVP_cleanup() calls were removed and some changes
made to avoid compiler warnings.
2001-06-19 22:30:40 +00:00
Lutz Jänicke
47b0f48dd9
ERR_peek_error() returns "unsigned long".
2001-06-07 17:20:50 +00:00
Bodo Möller
6e6d04e29a
fix md_rand.c locking bugs
2001-04-18 15:07:35 +00:00
Bodo Möller
8562801137
error codes are longs, not ints
2001-03-15 11:30:55 +00:00
Richard Levitte
41d2a336ee
e_os.h does not belong with the exported headers. Do not put it there
...
and make all files the depend on it include it without prefixing it
with openssl/.
This means that all Makefiles will have $(TOP) as one of the include
directories.
2001-02-22 14:45:02 +00:00
Richard Levitte
bc36ee6227
Use new-style system-id macros everywhere possible. I hope I haven't
...
missed any.
This compiles and runs on Linux, and external applications have no
problems with it. The definite test will be to build this on VMS.
2001-02-20 08:13:47 +00:00
Richard Levitte
cf1b7d9664
Make all configuration macros available for application by making
...
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.
I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
2001-02-19 16:06:34 +00:00
Richard Levitte
d309394447
Make sure that 'initialized' is zeroed as well when cleaning up.
2000-08-08 15:06:44 +00:00
Richard Levitte
d6ade7422a
Looks like Win32 builds do not define THREADS. However, they're still
...
supporting threads, which means that th assertion is supperbly
dangerous, so make sure it's not compiled under Win32, period.
2000-07-27 20:14:39 +00:00
Richard Levitte
a4125514f5
There's a deadlock when ssleay_rand_bytes is called the first time, since
...
it wants to stir the pool using ssleay_rand_add. This fix provides the
possibility to call ssleay_rand_add inside a locked state by simply telling
it not to do any locking through a static variable. This isn't the most
elegant way one could do this, but it does retain thread safety during the
stirring process.
2000-07-26 08:32:00 +00:00
Ulf Möller
8ad7635ec9
Move RNG initialization to RAND_poll(), and shared definitions to
...
rand_lcl.h
2000-07-19 21:43:23 +00:00
Richard Levitte
3b3bc455d0
That's it, I've seen questions about this one time too many for
...
today. Time to add extra info so the poor users know where to
go with their troubles.
2000-06-28 14:32:12 +00:00
Bodo Möller
2ace287dea
Move Windows seeding functions into a separate file.
...
They have nothing to do with the particular PRNG (md_rand.c).
2000-05-31 12:48:35 +00:00
Bodo Möller
361ee9733f
Improve PRNG robustness.
2000-05-30 21:44:36 +00:00
Bodo Möller
b841e0acd8
'entropy >= ENTROPY_NEEDED' should be evaluated while the
...
variables are locked.
2000-03-30 06:11:54 +00:00
Richard Levitte
7ae634de49
Since ssleay_rand_initialize() unlocks then locks CRYPTO_LOCK_RAND,
...
it's a good thing if ssleay_rand_status() would do the corresponding
lock and unlock as everyone else...
2000-03-29 17:25:52 +00:00
Ulf Möller
a6aa71ff5f
Bug fix: RAND_write_file() failed to write to files created by open()
...
on Win32.
2000-03-19 22:57:07 +00:00
Ulf Möller
f3f3cc0cca
oops. don't use "entropy" directly.
2000-03-19 17:20:26 +00:00
Ulf Möller
c97b11f4b3
New function RAND_event() collects entropy from Windows events.
2000-03-19 17:14:25 +00:00
Bodo Möller
863fe2ecac
cleaning up a little
2000-03-12 23:27:14 +00:00
Bodo Möller
5eb8ca4d92
Use RAND_METHOD for implementing RAND_status.
2000-03-02 14:34:58 +00:00
Ulf Möller
e64dceab74
Switch for turning on the predictable "random" number generator.
2000-02-28 20:19:39 +00:00
Bodo Möller
c6709c6b0f
handle entropy estimate correctly
2000-02-25 07:40:53 +00:00
Bodo Möller
1a33f6da8b
Don't use buffered fread() to read from DEVRANDOM,
...
because this will drain the entropy pool.
2000-02-24 20:24:45 +00:00
Ulf Möller
4ec2d4d2b3
Support EGD.
2000-02-24 02:51:47 +00:00
Bodo Möller
853f757ece
Allow for higher granularity of entropy estimates by using 'double'
...
instead of 'unsigned' counters.
Seed PRNG in MacOS/GetHTTPS.src/GetHTTPS.cpp.
Partially submitted by Yoram Meroz <yoram@mail.idrive.com>.
2000-02-19 15:22:53 +00:00
Bodo Möller
0a751d8ce8
16 * 8 = 128.
2000-02-10 21:47:06 +00:00
Ulf Möller
657e60fa00
ispell (and minor modifications)
2000-02-03 23:23:24 +00:00
Bodo Möller
c88a900fa1
update PRNG documentation/comments
2000-01-22 23:11:13 +00:00
Ulf Möller
0b5cfe32e9
Use comment from md_rand.c in rand.pod
2000-01-21 23:36:40 +00:00
Bodo Möller
2c8aeddc5d
change comments
2000-01-21 20:18:09 +00:00
Bodo Möller
720b3598d6
Avoid integer overflow in entropy counter.
...
Slightly clarify the RAND_... documentation.
2000-01-21 19:54:22 +00:00
Ulf Möller
60b5245360
Document RAND library.
2000-01-21 17:50:27 +00:00
Ulf Möller
373b575f5a
New function RAND_pseudo_bytes() generated pseudorandom numbers that
...
are not guaranteed to be unpredictable.
2000-01-16 15:58:17 +00:00
Bodo Möller
2f878669b7
Avoid shadowing variables,
...
and re-enable seeding with more data than read from DEVRANDOM -- just
don't pretend it contains entropy.
2000-01-14 09:08:39 +00:00
Ulf Möller
f2b86c955c
minor change for the prng
2000-01-14 02:31:32 +00:00
Ulf Möller
eb952088f0
Precautions against using the PRNG uninitialized: RAND_bytes() now
...
returns int (1 = ok, 0 = not seeded). New function RAND_add() is the
same as RAND_seed() but takes an estimate of the entropy as an additional
argument.
2000-01-13 20:59:17 +00:00
Andy Polyakov
9a1e34e5de
MacOS updates.
1999-12-19 16:07:19 +00:00
Bodo Möller
62ac293801
Always hash the pid in the first iteration in ssleay_rand_bytes,
...
don't try to detect fork()s by looking at getpid().
The reason is that threads sharing the same memory can have different
PIDs; it's inefficient to run RAND_seed each time a different thread
calls RAND_bytes.
1999-10-26 16:26:48 +00:00