wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8319 commits 20 branches 302 tags 153 MiB
Commit graph

24 commits

Author SHA1 Message Date
Andy Polyakov
2776beb91a Mask new fips_*vs test programs in non-fips builds. 2005-06-07 19:56:52 +00:00
Andy Polyakov
d58d546e2d Initial support for DSO FIPS fingerprinting. 2005-06-07 12:39:27 +00:00
Bodo Möller
80790d89ec Use BN_with_flags() in a cleaner way. 
Complete previous change:
Constant time DSA [sync with mainstream].
 2005-05-27 15:39:15 +00:00
Andy Polyakov
31def5ae59 Constant-time DSA signing [sync with mainstream]. 
Submitted by: bodo
 2005-05-27 06:42:11 +00:00
Bodo Möller
973fbfe3a3 make update 2005-05-11 17:49:50 +00:00
Andy Polyakov
4b27a9feb3 Backport SHA-[224|256|384|512] from HEAD to FIPS. 2005-05-07 17:21:34 +00:00
Andy Polyakov
9aa260ab57 Exclude the option for passing parameters pre-computed in unverified way. 2005-04-29 13:36:50 +00:00
Dr. Stephen Henson
4ed56cba63 New function BN_MONT_CTX_set_locked, to set montgomery parameters in a 
threadsafe manner.

Modify or add calls to use it in rsa, dsa and dh algorithms.
 2005-04-22 13:17:49 +00:00
Dr. Stephen Henson
c61a8ad5b0 Remove obsolete fingerprint.sha1 files and associated scripts. Delete test 
in fips/sha1/Makefile: the top level test checks the same files.
 2005-04-18 16:34:21 +00:00
Andy Polyakov
2ec5ebb979 Minor fips const-ification. 2005-04-18 00:22:40 +00:00
Dr. Stephen Henson
b99daf76a7 Update hash checking in makefiles to use new perl script. 2005-04-15 11:27:29 +00:00
Richard Levitte
9addd9b6fb Add emacs cache files to .cvsignore. 2005-04-11 14:18:14 +00:00
Richard Levitte
630b9d70fb Use EXIT() instead of exit(). 2005-01-11 18:25:28 +00:00
Richard Levitte
a2617f727d Don't use $(EXHEADER) directly in for loops, as most shells will break 
if $(EXHEADER) is empty.

Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
 2004-11-02 23:53:31 +00:00
Richard Levitte
7f9c37457a To protect FIPS-related global variables, add locking mechanisms 
around them.

NOTE: because two new locks are added, this adds potential binary
incompatibility with earlier versions in the 0.9.7 series.  However,
those locks will only ever be touched when FIPS_mode_set() is called
and after, thanks to a variable that's only changed from 0 to 1 once
(when FIPS_mode_set() is called).  So basically, as long as FIPS mode
hasn't been engaged explicitely by the calling application, the new
locks are treated as if they didn't exist at all, thus not becoming a
problem.  Applications that are built or rebuilt to use FIPS
functionality will need to be recompiled in any case, thus not being a
problem either.
 2004-07-30 14:38:02 +00:00
Richard Levitte
871fe9107d Make sure we don't try to loop over an empty EXHEADER. In the 
Makefiles where this was fixed by commenting away code, change it to
check for an empty EXHEADER instead, so we have less hassle in a
future where EXHEADER changes.

PR: 900
 2004-06-21 09:07:41 +00:00
Richard Levitte
5affe206e1 Define FIPS_*_SIZE_T for AES, DSA and RSA as well, in preparation for 
size_t-ification of those algorithms in future version of OpenSSL...
 2004-05-19 14:16:33 +00:00
Richard Levitte
141a64faff Ignore 'Makefile.save' 2004-05-12 10:07:20 +00:00
Richard Levitte
035dcd3724 Ignore the 'lib' timestamp file. 2004-05-12 08:46:43 +00:00
Ben Laurie
3642f632d3 Pull FIPS back into stable. 2004-05-11 12:46:24 +00:00
Richard Levitte
4ed9388e5d A new branch for FIPS-related changes has been created with the name 
OpenSSL-fips-0_9_7-stable.

Since the 0.9.7-stable branch is supposed to be in freeze and should
only contain bug corrections, this change removes the FIPS changes
from that branch.
 2003-08-11 09:37:17 +00:00
Ben Laurie
9163658aa8 New fingerprints. 2003-07-28 09:56:08 +00:00
Ben Laurie
d3a15e132d Build when not FIPS. 2003-07-27 21:13:35 +00:00
Ben Laurie
75622f1ece Unfinished FIPS stuff for review/improvement. 2003-07-27 17:00:51 +00:00