wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
9826 commits 20 branches 302 tags 153 MiB
Commit graph

9826 commits

This branch
This branch
All branches
Author SHA1 Message Date
Dr. Stephen Henson
e990b4f838 Remove dependency of dsa_sign.o and dsa_vrf.o: new functions FIPS_dsa_sig_new 
and FIPS_dsa_sig_free, reimplment DSA_SIG_new and DSA_SIG_free from ASN1
library.
 2011-02-13 18:45:41 +00:00
Dr. Stephen Henson
e47af46cd8 Change FIPS source and utilities to use the "FIPS_" names directly 
instead of using regular OpenSSL API names.
 2011-02-12 18:25:18 +00:00
Dr. Stephen Henson
36246be915 Make no-ec2m work on Win32 build. Add nexprotoneg support too. 2011-02-12 17:38:40 +00:00
Dr. Stephen Henson
c9a90645a5 Disable some functions in headers with no-ec2m 2011-02-12 17:38:06 +00:00
Dr. Stephen Henson
b331016124 New option to disable characteristic two fields in EC code. 2011-02-12 17:23:32 +00:00
Andy Polyakov
afb4191304 dso_dlfcn.c: make it work on Tru64 4.0. 
PR: 2316
 2011-02-12 16:43:41 +00:00
Andy Polyakov
874b0bd968 Configure: engage assembler in Android target. 2011-02-12 16:13:59 +00:00
Andy Polyakov
a6d915e0ef gcm128.c: make it work with no-sse2. 2011-02-12 11:47:55 +00:00
Dr. Stephen Henson
975138edaa Add Makefile.fips. 2011-02-11 20:56:24 +00:00
Dr. Stephen Henson
30b56225cc New "fispcanisteronly" build option: only build fipscanister.o and 
associated utilities. This functionality will be used by the validated
tarball.
 2011-02-11 19:02:34 +00:00
Dr. Stephen Henson
dc527a62a1 Make Windows build work with GCM. 2011-02-11 16:49:01 +00:00
Dr. Stephen Henson
ed12c2f7ca In FIPS mode only use "Generation by Testing Candidates" equivalent. 2011-02-11 15:19:54 +00:00
Dr. Stephen Henson
16a7fcc447 Return security strength for supported DSA parameters: will be used 
later.
 2011-02-11 14:38:39 +00:00
Dr. Stephen Henson
a1a5885b64 Free keys if DSA pairwise error. 2011-02-11 14:21:01 +00:00
Andy Polyakov
f84a8ea526 x86gas.pl: make data_short work on legacy systems. 2011-02-10 21:24:24 +00:00
Andy Polyakov
01be5db64e xts128.c: initial draft. 2011-02-10 21:16:21 +00:00
Dr. Stephen Henson
a4113c52b2 Disable FIPS restrictions when doing GCM testing. 2011-02-10 01:46:25 +00:00
Dr. Stephen Henson
b3d8022edd Add GCM IV generator. Add some FIPS restrictions to GCM. Update fips_gcmtest. 2011-02-09 16:21:43 +00:00
Andy Polyakov
632d83f0a3 ccm128.c: initialize ctx->block (what I was smoking?). 2011-02-08 23:08:02 +00:00
Andy Polyakov
d3fad7cb51 ccm128.c: initial draft. 2011-02-08 23:02:45 +00:00
Dr. Stephen Henson
f4bfe97fc9 Equally experimental encrypt side for fips_gcmtest. Currently this uses IVs 
in the request file need to update it to generate IVs once we have an IV
generator in place.
 2011-02-08 19:25:24 +00:00
Bodo Möller
c415adc26f Sync with 1.0.1 branch. 
(CVE-2011-0014 OCSP stapling fix has been applied to HEAD as well.)
 2011-02-08 19:09:08 +00:00
Dr. Stephen Henson
9afe95099d Set values to NULL after freeing them. 2011-02-08 18:25:57 +00:00
Dr. Stephen Henson
9dd346c90d Experimental incomplete AES GCM algorithm test program. 2011-02-08 18:15:59 +00:00
Bodo Möller
9770924f9b OCSP stapling fix (OpenSSL 0.9.8r/1.0.0d) 
Submitted by: Neel Mehta, Adam Langley, Bodo Moeller
 2011-02-08 17:48:57 +00:00
Dr. Stephen Henson
f4001a0d19 Link GCM into FIPS module. Check return value in EVP gcm. 2011-02-08 15:10:42 +00:00
Bodo Möller
cea73f9db3 Synchronize with 1.0.0 branch 2011-02-08 08:48:51 +00:00
Andy Polyakov
1f2502eb58 gcm128.c: add boundary condition checks. 2011-02-07 19:11:13 +00:00
Dr. Stephen Henson
bdaa54155c Initial *very* experimental EVP support for AES-GCM. Note: probably very 
broken and subject to change.
 2011-02-07 18:16:33 +00:00
Dr. Stephen Henson
fd3dbc1dbf Add CRYPTO_gcm128_tag() function to retrieve the tag. 2011-02-07 18:05:27 +00:00
Dr. Stephen Henson
d45087c672 Use 0 not -1 (since type is size_t) for finalisation argument to do_cipher: 
the NULL value for the input buffer is sufficient to notice this case.
 2011-02-07 18:04:27 +00:00
Dr. Stephen Henson
634b66186a Typo. 2011-02-07 14:36:55 +00:00
Dr. Stephen Henson
3da0ca796c New flags EVP_CIPH_FLAG_CUSTOM_CIPHER in cipher structures if an underlying 
cipher handles all cipher symantics itself.
 2011-02-07 14:36:08 +00:00
Dr. Stephen Henson
f9678b8b57 Fix memory leak. 2011-02-07 13:34:00 +00:00
Dr. Stephen Henson
83e9c36261 Use default ASN1 if flag set. 2011-02-07 12:47:16 +00:00
Andy Polyakov
b68c13154e gcm128.c: allow multiple calls to CRYPTO_gcm128_aad. 2011-02-06 23:50:05 +00:00
Andy Polyakov
68e2586bd3 gcm128.c: fix bug in OPENSSL_SMALL_FOOTPRINT decrypt. 
PR: 2432
Submitted by: Michael Heyman
 2011-02-06 23:48:32 +00:00
Dr. Stephen Henson
61f477f4ab Fix duplicate code and typo. 2011-02-06 00:51:05 +00:00
Dr. Stephen Henson
7e95116064 Remove unneeded functions, make some functions and variables static. 2011-02-04 17:56:57 +00:00
Dr. Stephen Henson
06b433acad Add FIPS support to the WIN32 build system. 2011-02-03 23:12:04 +00:00
Dr. Stephen Henson
14ae26f2e4 Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files 
that use it.
 2011-02-03 17:00:24 +00:00
Dr. Stephen Henson
3710d1aae9 Rename crypto/fips_err.c to fips_ers.c to avoid clash with other fips_err.c 2011-02-03 16:16:30 +00:00
Dr. Stephen Henson
cc5c772abd Include fips header file in err_all.c if needed. 2011-02-03 16:03:21 +00:00
Dr. Stephen Henson
65041aa27e Add FIPS error codes. 2011-02-03 15:58:43 +00:00
Dr. Stephen Henson
7dbbd4b357 add -stripcr option to copy.pl from 0.9.8 2011-02-03 14:57:51 +00:00
Dr. Stephen Henson
544c84b720 Add Windows FIPS build utilities. 2011-02-03 14:20:59 +00:00
Dr. Stephen Henson
65847ca378 For now disable EC_GFp_nistp224_method() for WIN32 so the WIN32 build 
completes without linker errors.
 2011-02-03 13:00:08 +00:00
Dr. Stephen Henson
53f7633739 Add FIPS support to mkdef.pl script, update ordinals. 2011-02-03 12:59:01 +00:00
Dr. Stephen Henson
c2a459315a Use single X931 key generation source file for FIPS and non-FIPS builds. 2011-02-03 12:47:56 +00:00
Bodo Möller
e2b798c8b3 Assorted bugfixes: 
- safestack macro changes for C++ were incomplete
- RLE decompression boundary case
- SSL 2.0 key arg length check

Submitted by: Google (Adam Langley, Neel Mehta, Bodo Moeller)
 2011-02-03 12:03:51 +00:00