Commit graph

7379 commits

Author SHA1 Message Date
Richard Levitte
483b312391 Update the VMS fips library builder with the DH library. 2004-08-10 09:11:07 +00:00
Richard Levitte
1033449613 make update 2004-08-10 09:09:08 +00:00
Richard Levitte
f992081682 Correct typos and include directory specifications. 2004-08-09 12:14:08 +00:00
Richard Levitte
5ad93a12b2 In the fips directory, we use FIPS-LIB.COM, not CRYPTO-LIB.COM... 2004-08-09 12:13:36 +00:00
Dr. Stephen Henson
efeb352163 In ca.c setup engine after autoconfig so any dynamic engines are visible. 2004-08-06 12:43:54 +00:00
Dr. Stephen Henson
44dd6865b9 Stop compiler giving bogus shadow warning. 2004-08-05 18:11:43 +00:00
Dr. Stephen Henson
bb82123707 Don't ignore return values of EVP_DigestInit_ex() in md BIOs and dgst. 2004-08-05 18:10:46 +00:00
Richard Levitte
eb7bb58471 Let's lock a write lock when changing values, shall we?
Thanks to Dr Stephen Henson <shenson@drh-consultancy.co.uk> for making
me aware of this error.
2004-08-02 14:15:07 +00:00
Richard Levitte
7f9c37457a To protect FIPS-related global variables, add locking mechanisms
around them.

NOTE: because two new locks are added, this adds potential binary
incompatibility with earlier versions in the 0.9.7 series.  However,
those locks will only ever be touched when FIPS_mode_set() is called
and after, thanks to a variable that's only changed from 0 to 1 once
(when FIPS_mode_set() is called).  So basically, as long as FIPS mode
hasn't been engaged explicitely by the calling application, the new
locks are treated as if they didn't exist at all, thus not becoming a
problem.  Applications that are built or rebuilt to use FIPS
functionality will need to be recompiled in any case, thus not being a
problem either.
2004-07-30 14:38:02 +00:00
Richard Levitte
86022a79a5 We're building crypto stuff, not ssl stuff. Additionally, we're in
the fips subdirectory, not the crypto one...
2004-07-29 22:26:57 +00:00
Richard Levitte
88a8ae6aee We build the crypto stuff, not the ssl stuff, in this command procedure... 2004-07-29 22:26:03 +00:00
Richard Levitte
b58e24ac57 Define OPENSSL_FIPS in opensslconf.h if a logical name with the same
name is defined.

Go up one directory level before dealing with FIPS stuff.
2004-07-28 13:47:58 +00:00
Richard Levitte
496c4e1033 From the FIPS directory, darnit! 2004-07-28 02:24:48 +00:00
Dr. Stephen Henson
0b948f3677 New cipher "strength" FIPS which specifies that a
cipher suite is FIPS compatible.

New cipherstring "FIPS" is all FIPS compatible ciphersuites except eNULL.

Only allow FIPS ciphersuites in FIPS mode.
2004-07-27 18:28:49 +00:00
Richard Levitte
7f911c668d Typo 2004-07-27 14:09:13 +00:00
Richard Levitte
e81ef01a0a The compiler may complain about what looks like a double definition of a
static variable
2004-07-27 13:58:25 +00:00
Dr. Stephen Henson
d2033156c5 Rename libcrypto.sha1 to libcrypto.a.sha1 2004-07-27 12:22:08 +00:00
Dr. Stephen Henson
e4c1c03c5b Add FIPS name to error library. 2004-07-27 00:20:41 +00:00
Dr. Stephen Henson
5edd0f51e3 Stop compiler warnings. 2004-07-27 00:17:46 +00:00
Andy Polyakov
1ecb88b95a Add casts where casts due. It's "safe" to cast, because "wrong" casts
will either be optimized away or never performed. The trouble is that
compiler first parses code, then optimizes, not both at once...
2004-07-24 13:40:47 +00:00
Ben Laurie
03ecfadf3d Convert to X9.31. 2004-07-23 13:20:32 +00:00
Andy Polyakov
64c6865427 Proper WinCE support for listing files. "Backported" from HEAD. 2004-07-22 16:39:48 +00:00
Dr. Stephen Henson
43894f9c0d When in FIPS mode write private keys in PKCS#8 and PBES2 format to
avoid use of prohibited MD5 algorithm.
2004-07-21 17:41:26 +00:00
Dr. Stephen Henson
40007ad24d Avoid compiler warnings. 2004-07-21 17:35:49 +00:00
Andy Polyakov
c6e27dcf31 Make rand_win.c UNICODE savvy. "Backport" from HEAD. 2004-07-21 17:18:53 +00:00
Richard Levitte
a47e836efe Since version 7.0, The C RTL in VMS handles time in terms of UTC
instead of local time.
2004-07-19 07:49:47 +00:00
Andy Polyakov
370358dfb4 Sync with HEAD. Up to >20% overall performance improvement. 2004-07-17 13:27:38 +00:00
Andy Polyakov
a77b16abd4 IA-64 is intolerant to misaligned access. It was a problem on Win64 as
we were mislead by _MSC_VER macro, which is defined by *all* Windows
Microsoft compilers.
2004-07-17 12:54:54 +00:00
Andy Polyakov
061c8f977d Eliminate enforced -g from CFLAGS. It switches off optimization with some
compilers, e.g. DEC C.
2004-07-17 12:48:35 +00:00
Ben Laurie
d70f5891da Corrected test program. 2004-07-12 17:59:50 +00:00
Richard Levitte
901959c945 I think it could be a good thing to know what went wrong with the tests... 2004-07-12 12:25:56 +00:00
Bodo Möller
a857495d17 improve wording 2004-07-12 06:24:21 +00:00
Bodo Möller
b1640e47e4 BIS correction/addition 2004-07-11 09:29:41 +00:00
Richard Levitte
5358bc44f4 o_str.c: Windows doesn't have <strings.h>, and since we use _strnicmp() and
_stricmp() on that platform, use the appropriate header file for it,
<string.h>.
o_str.h: we only want to get size_t, which is defined in <stddef.h>.

Philippe Bougeret <philippe.bougeret@freesbee.fr> notified us about Windows
not having a <strings.h>
2004-07-08 08:32:51 +00:00
Dr. Stephen Henson
a7f14cb4c6 Delta CRL support in extension code. 2004-07-06 17:26:33 +00:00
Dr. Stephen Henson
531b538df5 Ooops, missed part of PKCS#8 patch. 2004-07-06 17:25:11 +00:00
Dr. Stephen Henson
49ede900fa Fix memory leak. 2004-07-04 16:36:58 +00:00
Dr. Stephen Henson
7c6cf1b176 Don't try to parse none string types. 2004-07-01 18:50:12 +00:00
Richard Levitte
fa5cea169a Explain a little better what BN_num_bits() and BN_num_bits_word() do.
Add a note as to how these functions do not always return the key size, and
how one can deal with that.

PR: 907
2004-07-01 12:33:44 +00:00
Richard Levitte
83f22920c2 Changes for VOS, submitted by Paul Green <Paul.Green@stratus.com>.
PR: 499
2004-06-28 22:01:07 +00:00
Richard Levitte
bec15f2109 Make sure the FIPS stuff is only really compiled when in FIPS mode. 2004-06-28 20:33:35 +00:00
Richard Levitte
43c0d77296 Make the tests of EVP operations without padding. As a consequence,
there's no need for a larger BUFSIZE any more...

PR: 904
2004-06-28 16:32:14 +00:00
Richard Levitte
46b7624b8e Make sure that the buffers are large enough to contain padding.
PR: 904
2004-06-28 12:23:40 +00:00
Richard Levitte
9e356100d0 Linux on ARM needs -ldl
PR: 905
2004-06-28 10:31:09 +00:00
Dr. Stephen Henson
7ca482062f Memory leak fixes from main branch. 2004-06-24 13:05:50 +00:00
Dr. Stephen Henson
ef4c5802ec Reformat source for pkcs8.c 2004-06-24 12:54:38 +00:00
Dr. Stephen Henson
fee38dcb9a Return an error if an attempt is made to encode or decode
cipher ASN1 parameters and the cipher doesn't support it.
2004-06-24 12:31:48 +00:00
Dr. Stephen Henson
c116de76ad Include <string.h> to get definition of strcmp. 2004-06-24 12:12:43 +00:00
Richard Levitte
6069bdbe27 Standard sh doesn't tolerate ! as part of the conditional command.
PR: 900
2004-06-21 18:05:53 +00:00
Richard Levitte
871fe9107d Make sure we don't try to loop over an empty EXHEADER. In the
Makefiles where this was fixed by commenting away code, change it to
check for an empty EXHEADER instead, so we have less hassle in a
future where EXHEADER changes.

PR: 900
2004-06-21 09:07:41 +00:00