Nils Larsch
5c567ffd4c
fix assertion
2005-05-31 20:39:54 +00:00
Richard Levitte
3bc1781994
Synchronise with the Unix build...
2005-05-31 20:29:23 +00:00
Dr. Stephen Henson
485bcc9cab
Preliminary support for X9.31 RSA key generation for FIPS.
Included prime derivation, random prime generation, test program and
new option to genrsa.
2005-05-31 12:38:03 +00:00
Dr. Stephen Henson
4bd7bc97e8
make update
2005-05-29 12:30:21 +00:00
Richard Levitte
c3d03b70af
We have some source with \r\n as line ends. DEC C informs about that,
and I really can't be bothered...
2005-05-29 12:13:05 +00:00
Dr. Stephen Henson
e4c2c550b9
Add X9.31 signature support, mainly for FIPS140. Add new option to rsautl and
include options to use X9.31 in tests.
2005-05-28 20:15:48 +00:00
Dr. Stephen Henson
7044d328a2
Add PSS support. Minimal at this stage for FIPS140.
2005-05-27 21:59:52 +00:00
Bodo Möller
80790d89ec
Use BN_with_flags() in a cleaner way.
Complete previous change:
Constant time DSA [sync with mainstream].
2005-05-27 15:39:15 +00:00
Bodo Möller
44a287747f
make sure DSA signing exponentiations really are constant-time
2005-05-26 04:40:42 +00:00
Richard Levitte
48a3f2818e
When _XOPEN_SOURCE is defined, make sure it's defined to 500. Required in
http://www.opengroup.org/onlinepubs/007908799/xsh/compilation.html .
Notified by David Wolfe <dwolfe5272@yahoo.com>
2005-05-21 17:39:48 +00:00
Dr. Stephen Henson
8baaeba881
Place #ifdef OPENSSL_FIPS round the SHA-XXX functions in evp.h so mkdef.pl
knows about it.
2005-05-17 19:48:42 +00:00
Bodo Möller
bedcd5c0bb
fix memory leak (BIO_free_all needs pointer to first BIO)
PR: 1070
2005-05-17 05:52:18 +00:00
Bodo Möller
ecb1445ce2
Implement fixed-window exponentiation to mitigate hyper-threading
timing attacks.
BN_FLG_EXP_CONSTTIME requests this algorithm, and this is done by default for
RSA/DSA/DH private key computations unless
RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/
DH_FLAG_NO_EXP_CONSTTIME is set.
Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
2005-05-16 01:26:08 +00:00
Dr. Stephen Henson
775e82c58d
Fix from HEAD.
2005-05-14 12:59:05 +00:00
Dr. Stephen Henson
db5cbd8954
Fixes from HEAD.
2005-05-13 00:23:02 +00:00
Dr. Stephen Henson
c6012b252d
Fix from HEAD.
2005-05-12 23:13:40 +00:00
Dr. Stephen Henson
e1ff593dcb
Typo.
2005-05-12 17:27:48 +00:00
Dr. Stephen Henson
9fc1d3f4c4
Allow AES CFB1 ciphers in FIPS mode.
2005-05-11 16:28:33 +00:00
Andy Polyakov
b1ca6f2f3d
Eliminate "statement with no effect" warning when OPENSSL_assert macro
is used with constant assertion.
2005-05-08 19:52:13 +00:00
Andy Polyakov
4b27a9feb3
Backport SHA-[224|256|384|512] from HEAD to FIPS.
2005-05-07 17:21:34 +00:00
Andy Polyakov
3380c4561e
Backport of rc4-x86_64 from HEAD.
2005-05-04 16:12:07 +00:00
cvs2svn
3f2f0c8892
This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_7-stable'.
2005-05-04 14:51:39 +00:00
Andy Polyakov
0ee883650d
Commentary update motivating code update in 0.9.7.
2005-05-04 14:51:38 +00:00
Andy Polyakov
70cf309517
x86_64 assembler translator update.
2005-05-04 08:42:47 +00:00
Andy Polyakov
8b5bf52ac2
CVS missed the adapted module itself, here it goes...
2005-05-03 23:03:31 +00:00
Andy Polyakov
73a9485081
Engage md5-x86_64 assembler module.
2005-05-03 22:59:17 +00:00
Andy Polyakov
d37a65bc81
Throw in md5-x86_64 assembler.
2005-05-03 22:56:15 +00:00
Andy Polyakov
34c7ff6dc9
Cygwin doesn't expose Win32 [not "officially"].
2005-05-03 21:20:17 +00:00
Andy Polyakov
647907918d
Commentary update.
2005-05-03 21:16:42 +00:00
Andy Polyakov
cee73df3bd
Cpuid modules updates.
2005-05-03 21:05:06 +00:00
Nils Larsch
f15c448a72
remove BN_ncopy, it was only used in bn_nist.c and wasn't particularly
useful anyway
2005-05-03 20:27:00 +00:00
Nils Larsch
fcb41c0ee8
rewrite of bn_nist.c, disable support for some curves on 64 bit platforms
for now (it was broken anyway)
2005-05-03 20:23:33 +00:00
Andy Polyakov
5f1841cdca
Rename amd64 modules to x86_64 and update RC4 implementation.
2005-05-03 15:42:05 +00:00
Andy Polyakov
4b45051902
x86_64 assembler translator update.
2005-05-03 15:35:14 +00:00
Dr. Stephen Henson
f07320eae0
Remove unnecessary code.
2005-05-03 11:56:09 +00:00
Dr. Stephen Henson
fb64e17555
Update dependencies.
2005-05-02 23:02:19 +00:00
Dr. Stephen Henson
e8f245d243
Add hmac to fips.
2005-05-02 22:59:41 +00:00
Dr. Stephen Henson
73f3c281ff
Update from HEAD.
2005-05-01 12:47:33 +00:00
Dr. Stephen Henson
05338b58ce
Support for smime-type MIME parameter.
2005-05-01 12:46:57 +00:00
Andy Polyakov
405d9761a5
Allow for ./config no-sha0 [from stable].
2005-04-30 21:51:41 +00:00
Dr. Stephen Henson
6a62b2e54b
Update from HEAD.
2005-04-30 18:16:40 +00:00
Dr. Stephen Henson
98a2fd32a0
Typo.
2005-04-30 18:07:30 +00:00
Dr. Stephen Henson
7bdeeb64ac
Don't attempt to parse nested ASN1 strings by default.
2005-04-30 18:02:54 +00:00
Dr. Stephen Henson
c1668fe59d
Update from HEAD.
2005-04-30 13:08:56 +00:00
Dr. Stephen Henson
e1cc0671ac
Use more efficient way to locate end of an ASN1 structure.
2005-04-30 13:06:45 +00:00
Nils Larsch
c1a8a5de13
don't let BN_CTX_free(NULL) segfault
2005-04-29 21:20:31 +00:00
Nils Larsch
6a50d0a422
hide the definition of ECDSA_METHOD and ECDSA_DATA (and mutatis mutandis
for ecdh)
2005-04-29 15:56:06 +00:00
Nils Larsch
1897c89302
avoid warnings when building on systems where sizeof(void *) > sizeof(int)
2005-04-29 14:26:59 +00:00
Andy Polyakov
c7e7d382d5
Pointer to BN_MONT_CTX could be used uninitialized.
2005-04-28 08:52:29 +00:00
Andy Polyakov
3cc54008eb
Pointer to BN_MONT_CTX could be used uninitialized.
2005-04-28 08:49:01 +00:00
Richard Levitte
ff8bcccdd4
Synchronise with Unix build system.
2005-04-28 04:55:28 +00:00
Dr. Stephen Henson
81170986ed
Fix from HEAD.
2005-04-28 00:22:00 +00:00
Dr. Stephen Henson
a93b01be57
Increase offset for BIO_f_enc() to avoid problems with overlapping buffers
when decrypting data.
2005-04-28 00:21:29 +00:00
Dr. Stephen Henson
6c61726b2a
Lots of Win32 fixes for DTLS.
1. "unsigned long long" isn't portable: changed to BN_ULLONG.
2. The LL prefix isn't allowed in VC++ but it isn't needed where it is used.
3. Avoid lots of compiler warnings about signed/unsigned mismatches.
4. Include new library directory pqueue in mk1mf build system.
5. Update symbols.
2005-04-27 16:27:14 +00:00
Nils Larsch
4b21c202ff
add missing parentheses
2005-04-27 07:59:17 +00:00
Nils Larsch
df9e0bf507
add missing parentheses
2005-04-27 07:57:50 +00:00
Dr. Stephen Henson
879b19801a
Change method_mont_p from (char *) to (BN_MONT_CTX *) and remove several
casts.
2005-04-27 00:04:59 +00:00
Dr. Stephen Henson
6ec8e63af6
Port BN_MONT_CTX_set_locked() from stable branch.
The function rsa_eay_mont_helper() has been removed because it is no longer
needed after this change.
2005-04-26 23:58:54 +00:00
Dr. Stephen Henson
465b9f6b26
Stop unused variable warning.
2005-04-26 23:45:49 +00:00
Dr. Stephen Henson
2deadf1672
Port from stable branch.
2005-04-26 23:21:49 +00:00
Nils Larsch
800e400de5
some updates for the blinding code; summary:
- possibility of re-creation of the blinding parameters after a
fixed number of uses (suggested by Bodo)
- calculation of the rsa::e in case it's absent and p and q
are present (see bug report #785)
- improve the performance when one rsa structure is shared by
more than one thread (see bug report #555)
- fix the problem described in bug report #827
- hide the definition of the BN_BLINDING structure in bn_blind.c
2005-04-26 22:31:48 +00:00
Dr. Stephen Henson
667aef4c6a
Port from stable branch.
2005-04-26 22:07:17 +00:00
Bodo Möller
aa4ce7315f
Fix various incorrect error function codes.
("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.)
2005-04-26 18:53:22 +00:00
Bodo Möller
0d5ea7613e
make update
2005-04-26 18:09:21 +00:00
Ben Laurie
36d16f8ee0
Add DTLS support.
2005-04-26 16:02:40 +00:00
Bodo Möller
2e7245f5a3
Use OPENSSL_NO_CAST, not OPENSSL_NO_CAST5 in e_old.c
PR: 959
2005-04-25 23:09:00 +00:00
Andy Polyakov
3d5fd31280
Avoid L1 cache aliasing even between key and S-boxes.
2005-04-24 21:09:20 +00:00
Nils Larsch
9edf4e8157
make asn.1 field names const
2005-04-23 13:45:49 +00:00
Nils Larsch
b07a7b5daa
fix typo
2005-04-23 12:46:24 +00:00
Nils Larsch
965a1cb92e
change prototype of the ecdh KDF: make input parameter const and the outlen argument more flexible
2005-04-23 10:11:16 +00:00
Ben Laurie
e9ad6665a5
Add debug target, remove cast, note possible bug.
2005-04-23 06:05:24 +00:00
Ben Laurie
b5855b2f32
Add prototypes.
2005-04-22 23:57:46 +00:00
Nils Larsch
a0bee97e55
more const
2005-04-22 21:57:36 +00:00
Nils Larsch
ff22e913a3
- use BN_set_negative and BN_is_negative instead of BN_set_sign
and BN_get_sign
- implement BN_set_negative as a function
- always use "#define BN_is_zero(a) ((a)->top == 0)"
2005-04-22 20:02:44 +00:00
Dr. Stephen Henson
4ed56cba63
New function BN_MONT_CTX_set_locked, to set Montgomery parameters in a
threadsafe manner.
Modify or add calls to use it in rsa, dsa and dh algorithms.
2005-04-22 13:17:49 +00:00
Andy Polyakov
04d0d0accf
Avoid aliasing between stack frames and S-boxes. Compress prefetch code.
2005-04-22 11:49:32 +00:00
Richard Levitte
630e4a6e59
Provide a default OPENSSL_ia32cap_loc for non-Intel platforms where
util/libeay.num is important when building shared libraries, like
VMS.
2005-04-21 09:10:19 +00:00
Dr. Stephen Henson
2c45bf2bc9
Rename typed version of M_ASN1_get to M_ASN1_get_x to avoid conflicts.
Remove more bogus shadow warnings.
2005-04-20 21:48:06 +00:00
Dr. Stephen Henson
836ec0c764
Stop compiler warnings about deprecated lvalue casts.
2005-04-20 21:39:13 +00:00
Dr. Stephen Henson
5e72fb063a
Stop bogus shadowing warning.
2005-04-20 21:34:29 +00:00
Richard Levitte
a74286d636
Make sure id2_func is properly cast as well...
2005-04-20 13:17:42 +00:00
Richard Levitte
254cfe878e
signed vs. unsigned.
2005-04-20 13:12:33 +00:00
Richard Levitte
ed824195a1
Avoid compiler complaint about mismatched function signatures
(void * != char *)
2005-04-20 13:09:46 +00:00
Richard Levitte
22c3600e4c
Resolve signed vs. unsigned.
2005-04-20 12:55:15 +00:00
Richard Levitte
49f386578e
Type mismatch detected by DEC C compiler. void* != void**
2005-04-20 12:53:50 +00:00
Richard Levitte
7c671508bd
Avoid compiler complaint about mismatched function signatures
(void * != RSA *)
2005-04-20 10:02:16 +00:00
Dr. Stephen Henson
987bebaf8c
New "algorithm define" OPENSSL_NO_GMP. Update mkdef.pl and Configure script
to use it.
2005-04-19 13:24:44 +00:00
Dr. Stephen Henson
f68854b4c3
Various Win32 and other fixes for warnings and compilation errors.
Fix Win32 build system to use 'Makefile' instead of 'Makefile.ssl'.
2005-04-19 00:12:36 +00:00
Dr. Stephen Henson
89234b1eed
Pick up definition of FIPS_mode() in fips.h to avoid warnings.
2005-04-18 13:02:19 +00:00
Andy Polyakov
863a155451
Resolve minor binary compatibility issues in fips.
2005-04-17 23:26:40 +00:00
Andy Polyakov
1ddce0bebf
Throw in fips/aes/asm/fips-ax86-elf.s.
2005-04-17 22:54:16 +00:00
Andy Polyakov
1cfd258ed6
Throw in x86_64 AT&T to MASM assembler converter to facilitate development
of dual-ABI Unix/Win64 modules.
2005-04-17 21:05:57 +00:00
Richard Levitte
2906dc8601
Synchronise with ec/Makefile.
2005-04-17 09:07:37 +00:00
Andy Polyakov
c8d5c71af5
Mitigate cache-timing attack in CBC mode. This is done by implementing
compressed tables (2x compression factor) and by pre-fetching them into
processor cache prior to every CBC en-/decryption pass. One can argue why
just CBC? Well, it's a commonly used mode in real-life applications and
the API allows us to amortize the prefetch costs for larger data chunks...
2005-04-16 15:23:21 +00:00
Dr. Stephen Henson
8fc6cb77c5
Fix from HEAD.
2005-04-14 22:59:17 +00:00
Dr. Stephen Henson
fbe6ba81e9
Check return values of <Digest>_Init functions in low level digest calls.
2005-04-14 22:58:44 +00:00
Andy Polyakov
2b85e23d2e
Prototype mnemonics in padlock_verify_context for better portability
[read support for Solaris assembler].
2005-04-14 07:47:10 +00:00
Andy Polyakov
026bb0b96a
Fix for bug emerged in openvpn context.
2005-04-14 07:41:29 +00:00
Andy Polyakov
5dc4923359
Zap OPENSSL_EXTERN on symbols, which are meant to remain local to DLL.
Comment in HEAD commit was wrong!
2005-04-13 20:54:07 +00:00
Andy Polyakov
e62991a07c
Zap OPENSSL_EXTERN on symbols, which are not meant to be local to DLL.
2005-04-13 20:51:42 +00:00