Commit graph

7339 commits

Author SHA1 Message Date
Dr. Stephen Henson
cfafb6a73d When looking for request extensions in a certificate look first
for the PKCS#9 OID then the non standard MS OID.
2004-09-10 20:26:30 +00:00
Richard Levitte
818c0b2e42 num is an unsigned long, but since it was transfered from
crypto/sha/sha_locl.h, where it is in fact an int, we need to check
for less-than-zero as if it was an int...
2004-09-06 14:21:14 +00:00
Richard Levitte
aef8807e76 Replace the bogus checks of n with proper uses of feof(), ferror() and
clearerr().
2004-09-06 14:19:59 +00:00
Andy Polyakov
4157fae6fe Sync aes_ctr.c with HEAD. 2004-08-23 22:28:27 +00:00
Richard Levitte
15902f8341 'compatibility', not 'computability' :-)... 2004-08-18 15:48:22 +00:00
Richard Levitte
8bcd746e84 Another missing module in the VMS build files. I believe this is the
last, though...
2004-08-11 20:34:12 +00:00
Richard Levitte
56fe40191d Stupid casts... 2004-08-11 17:41:17 +00:00
Dr. Stephen Henson
97c802588c Update FAQ. 2004-08-11 17:24:42 +00:00
Dr. Stephen Henson
8c172bce1c Make ASN1_INTEGER_cmp() work as expected with negative integers. 2004-08-10 17:40:31 +00:00
Richard Levitte
4fa9664f5e With DEC C in ANSI C mode, we need to define _XOPEN_SOURCE_EXTENDED to
get struct timeval and gettimeofday().
2004-08-10 10:04:13 +00:00
Richard Levitte
483b312391 Update the VMS fips library builder with the DH library. 2004-08-10 09:11:07 +00:00
Richard Levitte
1033449613 make update 2004-08-10 09:09:08 +00:00
Richard Levitte
f992081682 Correct typos and include directory specifications. 2004-08-09 12:14:08 +00:00
Richard Levitte
5ad93a12b2 In the fips directory, we use FIPS-LIB.COM, not CRYPTO-LIB.COM... 2004-08-09 12:13:36 +00:00
Dr. Stephen Henson
efeb352163 In ca.c setup engine after autoconfig so any dynamic engines are visible. 2004-08-06 12:43:54 +00:00
Dr. Stephen Henson
44dd6865b9 Stop compiler giving bogus shadow warning. 2004-08-05 18:11:43 +00:00
Dr. Stephen Henson
bb82123707 Don't ignore return values of EVP_DigestInit_ex() in md BIOs and dgst. 2004-08-05 18:10:46 +00:00
Richard Levitte
eb7bb58471 Let's lock a write lock when changing values, shall we?
Thanks to Dr Stephen Henson <shenson@drh-consultancy.co.uk> for making
me aware of this error.
2004-08-02 14:15:07 +00:00
Richard Levitte
7f9c37457a To protect FIPS-related global variables, add locking mechanisms
around them.

NOTE: because two new locks are added, this adds potential binary
incompatibility with earlier versions in the 0.9.7 series.  However,
those locks will only ever be touched when FIPS_mode_set() is called
and after, thanks to a variable that's only changed from 0 to 1 once
(when FIPS_mode_set() is called).  So basically, as long as FIPS mode
hasn't been engaged explicitely by the calling application, the new
locks are treated as if they didn't exist at all, thus not becoming a
problem.  Applications that are built or rebuilt to use FIPS
functionality will need to be recompiled in any case, thus not being a
problem either.
2004-07-30 14:38:02 +00:00
Richard Levitte
86022a79a5 We're building crypto stuff, not ssl stuff. Additionally, we're in
the fips subdirectory, not the crypto one...
2004-07-29 22:26:57 +00:00
Richard Levitte
88a8ae6aee We build the crypto stuff, not the ssl stuff, in this command procedure... 2004-07-29 22:26:03 +00:00
Richard Levitte
b58e24ac57 Define OPENSSL_FIPS in opensslconf.h if a logical name with the same
name is defined.

Go up one directory level before dealing with FIPS stuff.
2004-07-28 13:47:58 +00:00
Richard Levitte
496c4e1033 From the FIPS directory, darnit! 2004-07-28 02:24:48 +00:00
Dr. Stephen Henson
0b948f3677 New cipher "strength" FIPS which specifies that a
cipher suite is FIPS compatible.

New cipherstring "FIPS" is all FIPS compatible ciphersuites except eNULL.

Only allow FIPS ciphersuites in FIPS mode.
2004-07-27 18:28:49 +00:00
Richard Levitte
7f911c668d Typo 2004-07-27 14:09:13 +00:00
Richard Levitte
e81ef01a0a The compiler may complain about what looks like a double definition of a
static variable
2004-07-27 13:58:25 +00:00
Dr. Stephen Henson
d2033156c5 Rename libcrypto.sha1 to libcrypto.a.sha1 2004-07-27 12:22:08 +00:00
Dr. Stephen Henson
e4c1c03c5b Add FIPS name to error library. 2004-07-27 00:20:41 +00:00
Dr. Stephen Henson
5edd0f51e3 Stop compiler warnings. 2004-07-27 00:17:46 +00:00
Andy Polyakov
1ecb88b95a Add casts where casts due. It's "safe" to cast, because "wrong" casts
will either be optimized away or never performed. The trouble is that
compiler first parses code, then optimizes, not both at once...
2004-07-24 13:40:47 +00:00
Ben Laurie
03ecfadf3d Convert to X9.31. 2004-07-23 13:20:32 +00:00
Andy Polyakov
64c6865427 Proper WinCE support for listing files. "Backported" from HEAD. 2004-07-22 16:39:48 +00:00
Dr. Stephen Henson
43894f9c0d When in FIPS mode write private keys in PKCS#8 and PBES2 format to
avoid use of prohibited MD5 algorithm.
2004-07-21 17:41:26 +00:00
Dr. Stephen Henson
40007ad24d Avoid compiler warnings. 2004-07-21 17:35:49 +00:00
Andy Polyakov
c6e27dcf31 Make rand_win.c UNICODE savvy. "Backport" from HEAD. 2004-07-21 17:18:53 +00:00
Richard Levitte
a47e836efe Since version 7.0, The C RTL in VMS handles time in terms of UTC
instead of local time.
2004-07-19 07:49:47 +00:00
Andy Polyakov
370358dfb4 Sync with HEAD. Up to >20% overall performance improvement. 2004-07-17 13:27:38 +00:00
Andy Polyakov
a77b16abd4 IA-64 is intolerant to misaligned access. It was a problem on Win64 as
we were mislead by _MSC_VER macro, which is defined by *all* Windows
Microsoft compilers.
2004-07-17 12:54:54 +00:00
Andy Polyakov
061c8f977d Eliminate enforced -g from CFLAGS. It switches off optimization with some
compilers, e.g. DEC C.
2004-07-17 12:48:35 +00:00
Ben Laurie
d70f5891da Corrected test program. 2004-07-12 17:59:50 +00:00
Richard Levitte
901959c945 I think it could be a good thing to know what went wrong with the tests... 2004-07-12 12:25:56 +00:00
Bodo Möller
a857495d17 improve wording 2004-07-12 06:24:21 +00:00
Bodo Möller
b1640e47e4 BIS correction/addition 2004-07-11 09:29:41 +00:00
Richard Levitte
5358bc44f4 o_str.c: Windows doesn't have <strings.h>, and since we use _strnicmp() and
_stricmp() on that platform, use the appropriate header file for it,
<string.h>.
o_str.h: we only want to get size_t, which is defined in <stddef.h>.

Philippe Bougeret <philippe.bougeret@freesbee.fr> notified us about Windows
not having a <strings.h>
2004-07-08 08:32:51 +00:00
Dr. Stephen Henson
a7f14cb4c6 Delta CRL support in extension code. 2004-07-06 17:26:33 +00:00
Dr. Stephen Henson
531b538df5 Ooops, missed part of PKCS#8 patch. 2004-07-06 17:25:11 +00:00
Dr. Stephen Henson
49ede900fa Fix memory leak. 2004-07-04 16:36:58 +00:00
Dr. Stephen Henson
7c6cf1b176 Don't try to parse none string types. 2004-07-01 18:50:12 +00:00
Richard Levitte
fa5cea169a Explain a little better what BN_num_bits() and BN_num_bits_word() do.
Add a note as to how these functions do not always return the key size, and
how one can deal with that.

PR: 907
2004-07-01 12:33:44 +00:00
Richard Levitte
83f22920c2 Changes for VOS, submitted by Paul Green <Paul.Green@stratus.com>.
PR: 499
2004-06-28 22:01:07 +00:00