wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
11821 commits 20 branches 302 tags 153 MiB
Commit graph

6081 commits

Author SHA1 Message Date
Andy Polyakov
ac82e51f57 x86gas.pl: treat OPENSSL_ia32cap_P accordingly to .hidden status. 2012-07-15 13:24:43 +00:00
Richard Levitte
5dbf4f42fb Add the missing modules for Camellia, as well as dh_rfc5114 and evp_cnf. 2012-07-05 13:19:06 +00:00
Richard Levitte
c58de759c8 Harmonise symhacks.h in this branch with lower versions. 
Add aliases for SSL_CTX_set_not_resumable_session_callback and
SSL_set_not_resumable_session_callback on top of that.
 2012-07-05 13:17:44 +00:00
Dr. Stephen Henson
44488723de add missing evp_cnf.c file 2012-07-04 13:15:10 +00:00
Dr. Stephen Henson
ea1d84358b PR: 2840 
Reported by: David McCullough <david_mccullough@mcafee.com>

Restore fips configuration module from 0.9.8.
 2012-07-03 20:30:40 +00:00
Andy Polyakov
32e03a3016 bn_nist.c: compensate for VC bug [with optimization off!]. 
PR: 2837
 2012-07-02 13:30:32 +00:00
Andy Polyakov
8d00f34239 crypto/bn/*.h: move PTR_SIZE_INT to private header. 2012-07-02 13:27:30 +00:00
Dr. Stephen Henson
df53820170 remove unnecessary attempt to automatically call OPENSSL_init 2012-07-01 22:25:04 +00:00
Dr. Stephen Henson
c65c5d05fd Fix Win32 build. 2012-07-01 22:14:32 +00:00
Andy Polyakov
ae432028d1 bss_dgram.c: fix typos in Windows code. 2012-07-01 09:11:47 +00:00
Andy Polyakov
2dce10c56d sha256-586.pl: fix typos. 2012-07-01 08:46:38 +00:00
Andy Polyakov
6251989eb6 x86_64 assembly pack: make it possible to compile with Perl located on 
path with spaces.

PR: 2835
 2012-06-27 10:08:23 +00:00
Andy Polyakov
faee82c1bc sha512-x86_64.pl: fix typo. 2012-06-25 17:13:15 +00:00
Andy Polyakov
a8f3b8b519 sha512-x86_64.pl: add SIMD code paths. 2012-06-24 19:22:06 +00:00
Andy Polyakov
ad880dc469 sha512-x86_64.pl: fix typo. 2012-06-19 07:50:10 +00:00
Andy Polyakov
42a36658c1 sha256-586.pl: fix linking error. 2012-06-19 07:49:36 +00:00
Dr. Stephen Henson
dfcf48f499 New functions to retrieve certificate signatures and signature OID NID. 2012-06-13 13:08:12 +00:00
Andy Polyakov
0bf8f110e0 sha256t.c: make sure unrolled loop is tested. 2012-06-12 14:40:41 +00:00
Andy Polyakov
f3eac74bc5 sha256-586.pl: add AVX and XOP code paths. 2012-06-12 14:40:11 +00:00
Andy Polyakov
3a9b3852c6 sha256-586.pl: squeeze some more, most notably ~10% on Nehalem. 2012-06-12 14:38:01 +00:00
Andy Polyakov
d2e1803197 x86[_64] assembly pack: update benchmark results. 2012-06-12 14:18:21 +00:00
Dr. Stephen Henson
4b9e0b5f74 print out issuer and subject unique identifier fields in certificates 2012-06-12 13:41:18 +00:00
Andy Polyakov
447e1319b1 bss_dgram.c: add BIO_CTRL_DGRAM_SET_DONT_FRAG. 
PR: 2830
Submitted by: Robin Seggelmann
 2012-06-11 14:56:25 +00:00
Andy Polyakov
e77ec2ba6f bss_dgram.c: make getsockopt work in cases when optlen is 64-bit value. 2012-06-11 14:27:56 +00:00
Andy Polyakov
80c42f3e0c b_sock.c: make getsockopt work in cases when optlen is 64-bit value. 2012-06-11 08:52:11 +00:00
Andy Polyakov
8d1b199d26 Revert random changes from commit#22606. 2012-06-04 22:12:10 +00:00
Ben Laurie
71fa451343 Version skew reduction: trivia (I hope). 2012-06-03 22:00:21 +00:00
Ben Laurie
03c1d9f99d Build on FreeBSD with gcc 4.6. 2012-05-30 09:34:44 +00:00
Andy Polyakov
f889bb0384 sha256-586.pl: full unroll to deliver additional ~16%, add Sandy Bridge- 
specific code path.
 2012-05-28 17:50:57 +00:00
Andy Polyakov
83698d3191 sha512-x86_64.pl: >5% better performance. 2012-05-28 17:47:15 +00:00
Andy Polyakov
6a40ebe86b aesni-x86_64.pl: make it possibel to use in Linux kernel. 2012-05-24 07:39:44 +00:00
Andy Polyakov
d4bb6bddf8 sha256-586.pl: tune away regression on Nehalem core and incidentally 
improve performance on Atom and P4.
 2012-05-24 07:39:04 +00:00
Andy Polyakov
ee9bf3eb6c sha256-586.pl optimization. 2012-05-19 10:10:30 +00:00
Andy Polyakov
fd05495748 ppccap.c: assume no features under 32-bit AIX kernel. 
PR: 2810
 2012-05-16 12:42:32 +00:00
Dr. Stephen Henson
4242a090c7 PR: 2813 
Reported by: Constantine Sapuntzakis <csapuntz@gmail.com>

Fix possible deadlock when decoding public keys.
 2012-05-11 13:53:37 +00:00
Ben Laurie
5762f7778d Fix warning. 2012-05-10 20:29:00 +00:00
Dr. Stephen Henson
225055c30b Reported by: Solar Designer of Openwall 
Make sure tkeylen is initialised properly when encrypting CMS messages.
 2012-05-10 13:46:09 +00:00
Andy Polyakov
f9c5e5d92e perlasm: fix symptom-less bugs, missing semicolons and 'my' declarations. 2012-04-28 10:36:58 +00:00
Andy Polyakov
9474483ab7 ppccpuid.pl: branch hints in OPENSSL_cleanse impact small block performance 
of digest algorithms, mosty SHA, on Power7. Mystery of century, why SHA,
why slower algorithm are affected more...
PR: 2794
Submitted by: Ashley Lai
 2012-04-27 20:17:45 +00:00
Andy Polyakov
71fa3bc5ec objxref.pl: improve portability. 2012-04-22 21:18:30 +00:00
Dr. Stephen Henson
e2f53b675a correct error code 2012-04-22 13:31:09 +00:00
Dr. Stephen Henson
b36bab7812 PR: 2239 
Submitted by: Dominik Oepen <oepen@informatik.hu-berlin.de>

Add Brainpool curves from RFC5639.

Original patch by Annie Yousar <a.yousar@informatik.hu-berlin.de>
 2012-04-22 13:06:51 +00:00
Andy Polyakov
8ea92ddd13 e_rc4_hmac_md5.c: last commit was inappropriate for non-x86[_64] platforms. 
PR: 2792
 2012-04-19 20:38:05 +00:00
Dr. Stephen Henson
d9a9d10f4f Check for potentially exploitable overflows in asn1_d2i_read_bio 
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.

Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
 2012-04-19 16:19:56 +00:00
Dr. Stephen Henson
b214184160 recognise X9.42 DH certificates on servers 2012-04-18 17:03:29 +00:00
Andy Polyakov
6dd9b0fc43 e_rc4_hmac_md5.c: harmonize zero-length fragment handling with 
e_aes_cbc_hmac_sha1.c (mostly for aesthetic reasons).
 2012-04-18 14:55:39 +00:00
Andy Polyakov
e36f6b9cfa e_rc4_hmac_md5.c: oops, can't use rc4_hmac_md5_cipher on legacy Intel CPUs. 
PR: 2792
 2012-04-18 14:50:28 +00:00
Andy Polyakov
3e181369dd C64x+ assembler pack. linux-c64xplus build is *not* tested nor can it be 
tested, because kernel is not in shape to handle it *yet*. The code is
committed mostly to stimulate the kernel development.
 2012-04-18 13:01:36 +00:00
Andy Polyakov
4a1fbd13ee OPENSSL_NO_SOCK fixes. 
PR: 2791
Submitted by: Ben Noordhuis
 2012-04-16 17:42:36 +00:00
Andy Polyakov
9eba5614fe Minor compatibility fixes. 
PR: 2790
Submitted by: Alexei Khlebnikov
 2012-04-16 17:35:30 +00:00
Andy Polyakov
fc90e42c86 e_aes_cbc_hmac_sha1.c: handle zero-length payload and engage empty frag 
countermeasure.

PR: 2778
 2012-04-15 14:14:22 +00:00
Andy Polyakov
26e6bac143 ghash-s390x.pl: fix typo [that can induce SEGV in 31-bit build]. 2012-04-12 06:44:34 +00:00
Dr. Stephen Henson
80eb43519e fix reset fix 2012-04-11 15:05:07 +00:00
Dr. Stephen Henson
bbe0c8c5be make reinitialisation work for CMAC 2012-04-11 12:26:41 +00:00
Andy Polyakov
b1fd0ccb38 aes-s390x.pl: fix crash in AES_set_decrypt_key in linux32-s390x build. 2012-04-09 15:12:13 +00:00
Andy Polyakov
45cd45bbbc aes-armv4.pl: make it more foolproof [inspired by aes-s390x.pl in 1.0.1]. 2012-04-05 08:30:22 +00:00
Andy Polyakov
bc9583efa2 aes-s390x.pl: make it more foolproof [inspired by 1.0.1]. 2012-04-05 08:22:09 +00:00
Andy Polyakov
f62f792057 modes_lcl.h: make it work on i386. 
PR: 2780
 2012-03-31 17:02:46 +00:00
Andy Polyakov
5db9645f1b vpaes-x86[_64].pl: handle zero length in vpaes_cbc_encrypt. 
PR: 2775
 2012-03-31 16:53:34 +00:00
Dr. Stephen Henson
d3379de5a9 don't shadow 2012-03-30 15:43:32 +00:00
Andy Polyakov
4736eab947 bn/bn_gf2m.c: make new BN_GF2m_mod_inv work with BN_DEBUG_RAND. 2012-03-29 21:35:28 +00:00
Andy Polyakov
23a05fa0c1 modes/gcm128.c: fix self-test. 2012-03-29 18:25:38 +00:00
Andy Polyakov
482a7d80cf sha512-armv4.pl: optimize NEON code path by utilizing vbsl, bitwise select. 2012-03-29 18:20:11 +00:00
Andy Polyakov
ee743dca53 perlasm/x86masm.pl: fix last fix. 2012-03-29 18:09:36 +00:00
Andy Polyakov
6da165c631 ans1/tasn_prn.c: avoid bool in variable names. 
PR: 2776
 2012-03-29 17:48:19 +00:00
Dr. Stephen Henson
751e26cb9b fix leak 2012-03-22 16:28:07 +00:00
Dr. Stephen Henson
f404acfa2c Submitted by: Markus Friedl <mfriedl@gmail.com> 
Fix memory leaks in 'goto err' cases.
 2012-03-22 15:44:51 +00:00
Andy Polyakov
884c580e05 eng_all.c: revert previous "disable Padlock" commit, which was unjustified. 2012-03-19 20:20:41 +00:00
Andy Polyakov
df27a35137 vpaes-x86_64.pl: out-of-date Apple assembler fails to calculate 
distance between local labels.
PR: 2762
 2012-03-17 16:06:31 +00:00
Andy Polyakov
f9ef874a21 bsaes-x86_64.pl: optimize key conversion. 2012-03-16 21:44:19 +00:00
Andy Polyakov
442c9f13d4 bsaes-armv7.pl: optmize Sbox and key conversion. 2012-03-16 21:41:48 +00:00
Andy Polyakov
5c88dcca5b ghash-x86.pl: omit unreferenced rem_8bit from no-sse2 build. 2012-03-13 19:43:42 +00:00
Andy Polyakov
b2ae61ecf2 x86_64-xlate.pl: remove old kludge. 
PR: 2435,2440
 2012-03-13 19:19:08 +00:00
Dr. Stephen Henson
78dfd43955 corrected fix to PR#2711 and also cover mime_param_cmp 2012-03-12 16:32:19 +00:00
Dr. Stephen Henson
146b52edd1 Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and 
continue with symmetric decryption process to avoid leaking timing
information to an attacker.

Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
 2012-03-12 16:31:39 +00:00
Dr. Stephen Henson
34b61f5a25 check return value of BIO_write in PKCS7_decrypt 2012-03-08 14:10:23 +00:00
Dr. Stephen Henson
62b6948a27 PR: 2755 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Reduce MTU after failed transmissions.
 2012-03-06 13:47:43 +00:00
Dr. Stephen Henson
d895f7f060 don't do loop check for single self signed certificate 2012-03-05 15:48:13 +00:00
Andy Polyakov
358c372d16 bsaes-armv7.pl: change preferred contact. 2012-03-03 13:04:53 +00:00
Andy Polyakov
c4a52a6dca Add bit-sliced AES for ARM NEON. This initial version is effectively 
reference implementation, it does not interface to OpenSSL yet.
 2012-03-03 12:33:28 +00:00
Dr. Stephen Henson
3c6a7cd44b PR: 2742 
Reported by: Dmitry Belyavsky <beldmit@gmail.com>

If resigning with detached content in CMS just copy data across.
 2012-02-29 14:02:02 +00:00
Dr. Stephen Henson
dc4f678cdc Fix memory leak cause by race condition when creating public keys. 
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
 2012-02-28 14:47:02 +00:00
Andy Polyakov
0f2ece872d x86cpuid.pl: fix processor capability detection on pre-586. 2012-02-28 14:20:21 +00:00
Dr. Stephen Henson
68a7b5ae1e PR: 2736 
Reported by: Remi Gacogne <rgacogne-bugs@coredump.fr>

Preserve unused bits value in non-canonicalised ASN1_STRING structures
by using ASN1_STRING_copy which preseves flags.
 2012-02-27 18:45:28 +00:00
Dr. Stephen Henson
161c9b4262 PR: 2737 
Submitted by: Remi Gacogne <rgacogne-bugs@coredump.fr>

Fix double free in PKCS12_parse if we run out of memory.
 2012-02-27 16:46:34 +00:00
Dr. Stephen Henson
d441e6d8db PR: 2735 
Make cryptodev digests work. Thanks to Nikos Mavrogiannopoulos for
this fix.
 2012-02-27 16:33:34 +00:00
Dr. Stephen Henson
228a8599ff free headers after use in error message 2012-02-27 16:27:17 +00:00
Dr. Stephen Henson
d16bb406d4 Detect symmetric crypto errors in PKCS7_decrypt. 
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
 2012-02-27 15:22:41 +00:00
Andy Polyakov
d0e68a98c5 seed.c: incredibly enough seed.c can fail to compile on Solaris with certain 
flags, because SS is defined after inclusion of <stdlib.h>, in <sys/regset.h>
 2012-02-26 21:52:43 +00:00
Dr. Stephen Henson
a36fb72584 PR: 2730 
Submitted by: Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>

VMS fixes: disable SCTP by default.
 2012-02-25 17:59:40 +00:00
Dr. Stephen Henson
6941b7b918 PR: 2711 
Submitted by: Tomas Mraz <tmraz@redhat.com>

Tolerate bad MIME headers in parser.
 2012-02-23 21:50:44 +00:00
Dr. Stephen Henson
ef570cc869 PR: 2696 
Submitted by: Rob Austein <sra@hactrn.net>

Fix inverted range problem in RFC3779 code.

Thanks to Andrew Chi for generating test cases for this bug.
 2012-02-23 21:31:37 +00:00
Dr. Stephen Henson
4d3670fa50 PR: 2727 
Submitted by: Bruce Stephens <bruce.stephens@isode.com>

Use same construct for EXHEADER in srp/Makefile as other makefiles to cope
with possibly empty EXHEADER.
 2012-02-23 13:49:35 +00:00
Dr. Stephen Henson
64095ce9d7 Add new APIs EC_curve_nist2nid and EC_curve_nid2nist which convert 
between NIDs and the more common NIST names such as "P-256". Enhance
ecparam utility and ECC method to recognise the NIST names for curves.
 2012-02-21 14:41:13 +00:00
Dr. Stephen Henson
5863163732 Additional compatibility fix for MDC2 signature format. 
Update RSA EVP_PKEY_METHOD to use the OCTET STRING form of MDC2 signature:
this will make all versions of MDC2 signature equivalent.
 2012-02-15 14:27:25 +00:00
Dr. Stephen Henson
83cb7c4635 An incompatibility has always existed between the format used for RSA 
signatures and MDC2 using EVP or RSA_sign. This has become more apparent
when the dgst utility in OpenSSL 1.0.0 and later switched to using the
EVP_DigestSign functions which call RSA_sign.

This means that the signature format OpenSSL 1.0.0 and later used with
dgst -sign and MDC2 is incompatible with previous versions.

Add detection in RSA_verify so either format works.

Note: MDC2 is disabled by default in OpenSSL and very rarely used in practice.
 2012-02-15 14:04:00 +00:00
Dr. Stephen Henson
fc7dae5229 PR: 2717 
Submitted by: Tim Rice <tim@multitalents.net>

Make compilation work on OpenServer 5.0.7
 2012-02-11 23:41:19 +00:00
Dr. Stephen Henson
f94cfe6a12 only cleanup ctx if we need to, save ctx flags when we do 2012-02-10 16:55:17 +00:00
Andy Polyakov
0208ab2e3f bn_nist.c: make new optimized code dependent on BN_LLONG. 2012-02-02 07:46:05 +00:00
Dr. Stephen Henson
7568d15acd allow key agreement for SSL/TLS certificates 2012-01-26 14:57:45 +00:00
Andy Polyakov
98909c1d5b ghash-x86.pl: engage original MMX version in no-sse2 builds. 2012-01-25 17:56:08 +00:00
Andy Polyakov
e6903980af x86_64-xlate.pl: proper solution for RT#2620. 2012-01-21 11:34:53 +00:00
Andy Polyakov
a985410d2d cryptlib.c: sscanf warning. 2012-01-15 17:13:57 +00:00
Andy Polyakov
0ecedec82d Fix OPNESSL vs. OPENSSL typos. 
PR: 2613
Submitted by: Leena Heino
 2012-01-15 13:39:10 +00:00
Dr. Stephen Henson
9bd20155ba fix warning 2012-01-15 13:30:41 +00:00
Andy Polyakov
5d13669a2c cryptlib.c: make even non-Windows builds "strtoull-agnostic". 2012-01-14 18:46:15 +00:00
Andy Polyakov
adb5a2694a sha512-sparcv9.pl: work around V8+ warning. 2012-01-13 09:18:05 +00:00
Andy Polyakov
23b93b587b aes-ppc.pl, sha512-ppc.pl: comply even with Embedded ABI specification 
(most restrictive about r2 and r13 usage).
 2012-01-13 09:16:52 +00:00
Andy Polyakov
a50bce82ec Sanitize usage of <ctype.h> functions. It's important that characters 
are passed zero-extended, not sign-extended.
PR: 2682
 2012-01-12 16:21:35 +00:00
Andy Polyakov
713f49119f ec_pmeth.c: fix typo in commentary. 
PR: 2677
Submitted by: Annue Yousar
 2012-01-12 13:22:51 +00:00
Andy Polyakov
6e913f9901 asn1/t_x509.c: fix serial number print, harmonize with a_int.c. 
PR: 2675
Submitted by: Annie Yousar
 2012-01-11 21:12:22 +00:00
Andy Polyakov
e255024bf7 aes-sparcv9.pl: clean up regexp 
PR: 2685
 2012-01-11 15:30:53 +00:00
Dr. Stephen Henson
8fa397a6bc fix warning (revert original patch) 2012-01-10 14:36:41 +00:00
Andy Polyakov
03cf7e784c cmac.c: optimize make_kn and move zero_iv to const segment. 2012-01-06 13:19:16 +00:00
Andy Polyakov
ce0727f9bd bn_nist.c: harmonize buf in BN_nist_mod_256 with other mod functions. 2012-01-06 13:17:47 +00:00
Dr. Stephen Henson
be71c37296 Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577) 2012-01-04 23:01:54 +00:00
Dr. Stephen Henson
6074fb0979 fix warnings 2012-01-04 14:45:47 +00:00
Dr. Stephen Henson
b333905011 incomplete provisional OAEP CMS decrypt support 2012-01-02 18:25:37 +00:00
Dr. Stephen Henson
84b6e277d4 make update 2011-12-27 14:46:03 +00:00
Dr. Stephen Henson
ffdfce8d14 fix error code 2011-12-27 14:40:21 +00:00
Dr. Stephen Henson
7e159e0133 PR: 2535 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Add SCTP support for DTLS (RFC 6083).
 2011-12-25 14:45:15 +00:00
Dr. Stephen Henson
ad89bf7894 PR: 2563 
Submitted by: Paul Green <Paul.Green@stratus.com>
Reviewed by: steve

Improved PRNG seeding for VOS.
 2011-12-19 17:01:37 +00:00
Andy Polyakov
0e1467a64c vpaes-x86.pl: revert previous commit and solve the problem through x86masm.pl. 
PR: 2657
 2011-12-15 22:20:05 +00:00
Dr. Stephen Henson
f2fc30751e PR: 1794 
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve

Remove unnecessary code for srp and to add some comments to
s_client.

- the callback to provide a user during client connect is
no longer necessary since rfc 5054 a connection attempt
with an srp cipher and no user is terminated when the
cipher is acceptable

- comments to indicate in s_client the (non-)usefulness of
th primalaty tests for non known group parameters.
 2011-12-14 22:17:06 +00:00
Andy Polyakov
405edfdcab vpaes-x86.pl: portability fix. 
PR: 2657
 2011-12-14 21:29:32 +00:00
Ben Laurie
b9ef708e40 Padlock engine doesn't build (the asm parts are not built for some reason), 
so remove for now.
 2011-12-13 15:56:40 +00:00
Ben Laurie
e166891e0d Fix warning. 2011-12-13 15:55:35 +00:00
Andy Polyakov
8c98b2591f modexp512-x86_64.pl: Solaris protability fix. 
PR: 2656
 2011-12-12 15:10:14 +00:00
Dr. Stephen Henson
a3a2e3a43d add cofactor ECDH support from fips branch 2011-12-10 13:35:11 +00:00
Andy Polyakov
7ffa48ad38 perlasm/x86gas.pl: give a hand old assemblers assembling loop instruction. 2011-12-09 19:16:20 +00:00
Andy Polyakov
5711dd8eac x86-mont.pl: fix bug in integer-only squaring path. 
PR: 2648
 2011-12-09 14:21:25 +00:00
Dr. Stephen Henson
2ca873e8d8 transparently handle X9.42 DH parameters 2011-12-07 12:44:03 +00:00
Dr. Stephen Henson
afb14cda8c Initial experimental support for X9.42 DH parameter format to handle 
RFC5114 parameters and X9.42 DH public and private keys.
 2011-12-07 00:32:34 +00:00
Bodo Möller
ea8c77a55b Fix ecdsatest.c. 
Submitted by: Emilia Kasper
 2011-12-02 12:41:17 +00:00
Bodo Möller
390c579568 Fix BIO_f_buffer(). 
Submitted by: Adam Langley
Reviewed by: Bodo Moeller
 2011-12-02 12:25:03 +00:00
Dr. Stephen Henson
0798170966 Update DH_check() to peform sensible checks when q parameter is present. 2011-12-01 17:27:36 +00:00
Dr. Stephen Henson
28ff14779e Correct some parameter values. 2011-12-01 17:26:58 +00:00
Andy Polyakov
6600126825 bn/asm/mips.pl: fix typos. 2011-12-01 12:16:09 +00:00
Dr. Stephen Henson
f6c0bd641c return error if counter exceeds limit and seed value supplied 2011-11-25 16:03:42 +00:00
Dr. Stephen Henson
ea7fe214c4 check counter value against 4 * L, not 4096 2011-11-25 15:01:23 +00:00
Andy Polyakov
d127ef78ad bsaes-x86_64.pl: fix buffer overrun in tail processing. 2011-11-16 23:34:01 +00:00
Dr. Stephen Henson
d674bb4bc8 In EC_KEY_set_public_key_affine_coordinates include explicit check to see passed components do not exceed field order 2011-11-16 13:28:35 +00:00
Ben Laurie
333f926d67 Add DTLS-SRTP. 2011-11-15 22:59:20 +00:00
Andy Polyakov
dce7f142a6 Configure: reimplement commit#21695. 2011-11-15 12:32:18 +00:00
Andy Polyakov
77aae9654f Configure, e_aes.c: allow for XTS assembler implementation. 2011-11-15 12:18:40 +00:00
Ben Laurie
ae55176091 Fix some warnings caused by __owur. Temporarily (I hope) remove the more 
aspirational __owur annotations.
 2011-11-14 00:36:10 +00:00
Andy Polyakov
fe06864836 bsaes-x86_64.pl: add Win64 SEH and "hadrware" calls to aes-x86_64.pl. 2011-11-13 20:33:41 +00:00
Andy Polyakov
0985bd4f80 bn_nist.c: fix strict-aliasing compiler warning. 2011-11-13 17:31:03 +00:00
Dr. Stephen Henson
20bee9684d Add RFC5114 DH parameters to OpenSSL. Add test data to dhtest. 2011-11-13 14:07:36 +00:00
Andy Polyakov
6a828b7a8e rc4test.c: commit#21684 broke x86_64 shared Linux build. This is temporary 
solution so that one can build rc4test...
 2011-11-12 13:37:20 +00:00
Andy Polyakov
32268b183f e_aes.c: additional sanity check in aes_xts_cipher. 2011-11-12 13:26:36 +00:00
Andy Polyakov
ff6f9f96fd cryptlib.c, etc.: fix linker warnings in 64-bit Darwin build. 2011-11-12 13:10:00 +00:00
Andy Polyakov
4a5397fb68 Configure, x86gas.pl: fix linker warnings in 32-bit Darwin build. 2011-11-12 12:16:11 +00:00
Andy Polyakov
60d4e99cf3 bsaes-x86_64.pl: add bsaes_xts_[en|de]crypt. 2011-11-10 22:41:31 +00:00
Andy Polyakov
3c075bf07f arm_arch.h: allow to specify __ARM_ARCH__ elsewhere. 2011-11-09 20:08:44 +00:00
Andy Polyakov
bdf40fd251 x86cpuid.pl: compensate for imaginary virtual machines. 2011-11-08 21:27:44 +00:00
Andy Polyakov
9a480169cd e_aes.c: fold aesni_xts_cipher and [most importantly] fix aes_xts_cipher's 
return value after custom flag was rightly reverted.
 2011-11-06 19:48:39 +00:00
Andy Polyakov
29fd6746f5 armv4cpuid.S, armv4-gf2m.pl: make newest code compilable by older assembler. 2011-11-05 13:07:18 +00:00
Andy Polyakov
e879dd4386 x86cpuid.pl: don't punish "last-year" OSes on "this-year" CPUs. 
PR: 2633
 2011-11-05 10:44:12 +00:00
Andy Polyakov
09f40a3cb9 ppc.pl: fix bug in bn_mul_comba4. 
PR: 2636
Submitted by: Charles Bryant
 2011-11-05 10:16:04 +00:00
Dr. Stephen Henson
f4324e51dd Add single call public key sign and verify functions. 2011-11-05 01:34:36 +00:00
Richard Levitte
92064785ec Typo... 2011-10-30 14:43:53 +00:00
Andy Polyakov
a75a52a43e bsaes-x86_64.pl: add CBC decrypt and engage it in e_aes.c. 2011-10-30 12:15:56 +00:00
Richard Levitte
ada35f9c2c Add missing algorithms to disable, and in particular, disable 
EC_NISTP_64_GCC_128 by default, as GCC isn't currently supported on
VMS.  Synchronise with Unix.
 2011-10-30 11:46:07 +00:00
Andy Polyakov
0933887112 bn_exp.c: fix corner case in new constant-time code. 
Submitted by: Emilia Kasper
 2011-10-29 19:25:13 +00:00
Andy Polyakov
b08259cdfe bsaes-x86_64.pl: optimize InvMixColumns. 2011-10-29 11:56:21 +00:00
Andy Polyakov
28507577b1 bsaes-x86_64.pl: add decryption procedure (with unoptimized reference 
InvMixColumns).
 2011-10-29 11:47:20 +00:00
Dr. Stephen Henson
32cf5baeae PR: 2632 
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve

Return -1 immediately if not affine coordinates as BN_CTX has not been
set up.
 2011-10-26 16:43:34 +00:00
Dr. Stephen Henson
482cdf2489 typo 2011-10-24 13:23:51 +00:00
Andy Polyakov
f2784994ec e_aes.c: fold even aesni_ccm_cipher. 2011-10-24 06:00:06 +00:00
Andy Polyakov
507b0d9d38 e_aes.c: prevent potential DoS in aes_gcm_tls_cipher. 2011-10-23 22:58:40 +00:00
Andy Polyakov
181fbb77f3 cryptlib.c: remove stdio dependency in Windows fipscanister.lib. 2011-10-23 19:41:00 +00:00
Dr. Stephen Henson
f59a5d6079 No need for custom flag in XTS mode: block length is 1. 2011-10-23 17:06:28 +00:00
Dr. Stephen Henson
5fd722600b Check for selftest failure in various places. 2011-10-22 17:24:27 +00:00
Andy Polyakov
5b198d5eea x86gas.pl: relax .init segment alignment. 2011-10-22 10:49:52 +00:00
Dr. Stephen Henson
8d742dd561 Update error codes. 2011-10-21 11:46:16 +00:00
Andy Polyakov
033a25cef5 armcap.c: auto-setup processor capability vector. 2011-10-20 20:52:26 +00:00
Andy Polyakov
d528caa725 sha1-mips.pl: fix typo. 2011-10-20 08:39:29 +00:00
Dr. Stephen Henson
5e4eb9954b add authentication parameter to FIPS_module_mode_set 2011-10-19 22:34:53 +00:00
Andy Polyakov
227a822ab6 vxworks-mips: unify and add assembler. 2011-10-19 21:49:20 +00:00
Andy Polyakov
a9cf0b81fa Remove superseded MIPS assembler modules. 2011-10-19 21:42:21 +00:00
Andy Polyakov
3ee4d41fe1 arm_arch.h: add missing pre-defined macro, __ARM_ARCH_5TEJ__. 2011-10-19 18:57:03 +00:00
Bodo Möller
e5641d7f05 BN_BLINDING multi-threading fix. 
Submitted by: Emilia Kasper (Google)
 2011-10-19 14:59:27 +00:00
Bodo Möller
e0d6132b8c Fix warnings. 
Also, use the common Configure mechanism for enabling/disabling the 64-bit ECC code.
 2011-10-19 08:59:53 +00:00
Bodo Möller
3e00b4c9db Improve optional 64-bit NIST-P224 implementation, and add NIST-P256 and 
NIST-P521. (Now -DEC_NISTP_64_GCC_128 enables all three of these;
-DEC_NISTP224_64_GCC_128 no longer works.)

Submitted by: Google Inc.
 2011-10-18 19:43:16 +00:00
Andy Polyakov
07904e0c6c evp/e_aes.c: fold AES-NI modes that heavily rely on indirect calls 
(trade 2% small-block performance), engage bit-sliced AES in GCM.
 2011-10-18 13:37:26 +00:00
Andy Polyakov
4010b341b7 x86_64-xlate.pl: make vpaes-x86_64.pl and rc4-md5-x86_64 work with ml64, 
fix bug in .crt section alignment.
PR: 2620, 2624
 2011-10-18 09:50:23 +00:00
Andy Polyakov
5a326467dc bsaes-x86_64.pl: make it work with ml64. 2011-10-18 09:22:04 +00:00
Andy Polyakov
3b7c14bb90 [bs|vp]aes-x86[_64].pl: typos and clarifications. 2011-10-18 08:03:02 +00:00
Andy Polyakov
e2473dcc7d c_allc.c: add aes-xts to loop. 2011-10-18 07:53:50 +00:00
Andy Polyakov
78f288d5c9 bn_mont.c: get corner cases right in updated BN_from_montgomery_word. 2011-10-17 23:35:00 +00:00
Andy Polyakov
8329e2e776 bn_exp.c: further optimizations using more ideas from 
http://eprint.iacr.org/2011/239.
 2011-10-17 17:41:49 +00:00
Andy Polyakov
3f66f2040a x86_64-mont.pl: minor optimization. 2011-10-17 17:39:59 +00:00
Andy Polyakov
2534891874 bn_mont.c: simplify BN_from_montgomery_word. 2011-10-17 17:24:28 +00:00
Andy Polyakov
79ba545c09 bn_shift.c: minimize reallocations, which allows BN_FLG_STATIC_DATA to 
be shifted in specific cases.
 2011-10-17 17:20:48 +00:00
Andy Polyakov
993adc0531 Engage bsaes-x86_64.pl, bit-sliced AES. 2011-10-17 17:10:54 +00:00
Dr. Stephen Henson
bc1b04d255 L=3072, N=256 provides 128 bits of security not 112. 2011-10-16 12:31:49 +00:00
Andy Polyakov
8fcdb1e60f Add android-x86. 2011-10-15 08:32:16 +00:00
Dr. Stephen Henson
ffbfbef943 more vxworks patches 2011-10-14 22:04:14 +00:00
Andy Polyakov
027026df9f e_aes.c: fix bug in aesni_gcm_tls_cipher. 2011-10-14 09:32:06 +00:00
Andy Polyakov
9ee5916d97 aesni-x86[_64].pl: fix bug in CCM code. 2011-10-14 09:15:19 +00:00
Andy Polyakov
af9b610cef Remove eng_aesni.c as AES-NI support is integrated directly at EVP. 2011-10-13 19:46:44 +00:00
Bodo Möller
4f2015742d Oops - ectest.c finds further problems beyond those exposed by bntext.c 2011-10-13 14:29:59 +00:00
Bodo Möller
0a06ad76a1 Avoid failed assertion in BN_DEBUG builds 2011-10-13 14:21:39 +00:00
Bodo Möller
bf6d2f986d Make CTR mode behaviour consistent with other modes: 
- clear ctx->num in EVP_CipherInit_ex
- adapt e_eas.c changes from http://cvs.openssl.org/chngview?cn=19816
  for eng_aesni.c

Submitted by: Emilia Kasper
 2011-10-13 13:41:34 +00:00
Bodo Möller
cdfe0fdde6 Fix OPENSSL_BN_ASM_MONT5 for corner cases; add a test. 
Submitted by: Emilia Kasper
 2011-10-13 12:35:10 +00:00
Dr. Stephen Henson
7fc78f11e8 Remove o_init.o special case from Makefile: this doesn't work. 2011-10-12 17:27:08 +00:00
Dr. Stephen Henson
3231e42d72 update pkey method initialisation and copy 2011-10-11 18:15:31 +00:00
Dr. Stephen Henson
cd366cf7ec print out subgroup order if present 2011-10-11 17:44:26 +00:00
Dr. Stephen Henson
a59163f6b6 def_rsa_finish not used any more. 2011-10-10 20:35:09 +00:00
Dr. Stephen Henson
fe4394cf1d remove some debugging code 2011-10-10 19:09:01 +00:00
Dr. Stephen Henson
84a75ba38c fix leak properly this time... 2011-10-10 14:08:55 +00:00
Dr. Stephen Henson
42753a4f67 fix memory leaks 2011-10-09 23:08:15 +00:00
Dr. Stephen Henson
58b75e9c26 PR: 2482 
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann.
 2011-10-09 00:56:52 +00:00
Dr. Stephen Henson
66bb328e11 ? crypto/aes/aes-armv4.S 
? crypto/aes/aesni-sha1-x86_64.s
? crypto/aes/aesni-x86_64.s
? crypto/aes/foo.pl
? crypto/aes/vpaes-x86_64.s
? crypto/bn/.bn_lib.c.swp
? crypto/bn/armv4-gf2m.S
? crypto/bn/diffs
? crypto/bn/modexp512-x86_64.s
? crypto/bn/x86_64-gf2m.s
? crypto/bn/x86_64-mont5.s
? crypto/ec/bc.txt
? crypto/ec/diffs
? crypto/modes/a.out
? crypto/modes/diffs
? crypto/modes/ghash-armv4.S
? crypto/modes/ghash-x86_64.s
? crypto/modes/op.h
? crypto/modes/tst.c
? crypto/modes/x.h
? crypto/objects/.obj_xref.txt.swp
? crypto/rand/diffs
? crypto/sha/sha-512
? crypto/sha/sha1-armv4-large.S
? crypto/sha/sha256-armv4.S
? crypto/sha/sha512-armv4.S
Index: crypto/objects/obj_xref.c
===================================================================
RCS file: /v/openssl/cvs/openssl/crypto/objects/obj_xref.c,v
retrieving revision 1.9
diff -u -r1.9 obj_xref.c
--- crypto/objects/obj_xref.c	5 Nov 2008 18:38:58 -0000	1.9
+++ crypto/objects/obj_xref.c	6 Oct 2011 20:30:21 -0000
@@ -110,8 +110,10 @@
 #endif
 	if (rv == NULL)
 		return 0;
-	*pdig_nid = rv->hash_id;
-	*ppkey_nid = rv->pkey_id;
+	if (pdig_nid)
+		*pdig_nid = rv->hash_id;
+	if (ppkey_nid)
+		*ppkey_nid = rv->pkey_id;
 	return 1;
 	}

@@ -144,7 +146,8 @@
 #endif
 	if (rv == NULL)
 		return 0;
-	*psignid = (*rv)->sign_id;
+	if (psignid)
+		*psignid = (*rv)->sign_id;
 	return 1;
 	}

Index: crypto/x509/x509type.c
===================================================================
RCS file: /v/openssl/cvs/openssl/crypto/x509/x509type.c,v
retrieving revision 1.10
diff -u -r1.10 x509type.c
--- crypto/x509/x509type.c	26 Oct 2007 12:06:33 -0000	1.10
+++ crypto/x509/x509type.c	6 Oct 2011 20:36:04 -0000
@@ -100,20 +100,26 @@
 		break;
 		}

-	i=X509_get_signature_type(x);
-	switch (i)
+	i=OBJ_obj2nid(x->sig_alg->algorithm);
+	if (i && OBJ_find_sigid_algs(i, NULL, &i))
 		{
-	case EVP_PKEY_RSA:
-		ret|=EVP_PKS_RSA;
-		break;
-	case EVP_PKEY_DSA:
-		ret|=EVP_PKS_DSA;
-		break;
-	case EVP_PKEY_EC:
-		ret|=EVP_PKS_EC;
-		break;
-	default:
-		break;
+
+		switch (i)
+			{
+		case NID_rsaEncryption:
+		case NID_rsa:
+			ret|=EVP_PKS_RSA;
+			break;
+		case NID_dsa:
+		case NID_dsa_2:
+			ret|=EVP_PKS_DSA;
+			break;
+		case NID_X9_62_id_ecPublicKey:
+			ret|=EVP_PKS_EC;
+			break;
+		default:
+			break;
+			}
 		}

 	if (EVP_PKEY_size(pk) <= 1024/8)/* /8 because it's 1024 bits we look
 2011-10-06 20:44:02 +00:00
Andy Polyakov
112726486d bsaes-x86_64.pl: add due credit. 2011-09-27 19:34:40 +00:00
Andy Polyakov
4ec93a10bd Add bit-sliced AES x86_64 assembler, see http://homes.esat.kuleuven.be/~ekasper/#software for background information. It's not integrated into build system yet. 2011-09-25 15:31:51 +00:00
Dr. Stephen Henson
c2035bffe7 PR: 2606 
Submitted by: Christoph Viethen <cv@kawo2.rwth-aachen.de>
Reviewed by: steve

Handle timezones correctly in UTCTime.
 2011-09-23 13:39:23 +00:00
Dr. Stephen Henson
e74ac3f830 Update error codes. 2011-09-21 16:17:18 +00:00
Andy Polyakov
2b1f17f83f Make latest assembler additions (vpaes and e_padlock) work in Windows build. 2011-09-18 15:40:11 +00:00
Andy Polyakov
7470276a25 sha256-586.pl: minor optimization, +0-2% on all CPUs, +7% on Westmere. 2011-09-17 12:57:33 +00:00
Andy Polyakov
d2fd65f6f6 sha512-x86_64.pl: +15% better performance on Westmere and incidentally Atom. 
Other Intel processors +5%, Opteron -2%.
 2011-09-17 11:30:28 +00:00
Dr. Stephen Henson
819cf4b886 Sync error codes with 1.0.1-stable. 2011-09-17 00:17:46 +00:00
Andy Polyakov
8ca28da0a7 Integrate Vector Permutation AES into build system. 2011-09-15 20:22:59 +00:00
Andy Polyakov
03e389cf04 Allow for dynamic base in Win64 FIPS module. 2011-09-14 20:48:49 +00:00
Andy Polyakov
543dfa9f0e vpaes-x86[_64]*.pl: fix typo. 2011-09-12 12:50:00 +00:00
Andy Polyakov
a87ff751b7 Add so called Vector Permutation AES x86[_64] assembler, see 
http://crypto.stanford.edu/vpaes/ for background information.
It's not integrated into build system yet.
 2011-09-12 08:25:14 +00:00
Dr. Stephen Henson
bbb19418e6 Add error codes for DRBG KAT failures. 
Add abbreviated DRBG KAT for POST which only performs a single generate
operations instead of four.
 2011-09-06 20:46:27 +00:00
Andy Polyakov
ed28aef8b4 Padlock engine: make it independent of inline assembler. 2011-09-06 20:45:36 +00:00
Dr. Stephen Henson
0486cce653 Initialise X509_STORE_CTX properly so CRLs with nextUpdate date in the past 
produce an error (CVE-2011-3207)
 2011-09-06 15:15:09 +00:00
Andy Polyakov
dd83d0f4a7 crypto/bn/bn_gf2m.c: make it work with BN_DEBUG. 2011-09-05 16:14:43 +00:00
Bodo Möller
612fcfbd29 Fix d2i_SSL_SESSION. 2011-09-05 13:31:17 +00:00
Bodo Möller
837e1b6812 Fix memory leak on bad inputs. 2011-09-05 09:57:20 +00:00
Bodo Möller
ae53b299fa make update 2011-09-05 09:46:15 +00:00
Bodo Möller
f0ecb86666 Fix error codes. 2011-09-05 09:42:34 +00:00
Dr. Stephen Henson
a60cc6b4f0 Don't use *from++ in tolower as this is implemented as a macro on some 
platforms. Thanks to Shayne Murray <Shayne.Murray@Polycom.com> for
reporting this issue.
 2011-09-02 11:28:27 +00:00
Dr. Stephen Henson
2c1f5ce4b1 PR: 2576 
Submitted by: Doug Goldstein <cardoe@gentoo.org>
Reviewed by: steve

Include header file stdlib.h which is needed on some platforms to get
getenv() declaration.
 2011-09-02 11:20:15 +00:00
Dr. Stephen Henson
74e056edbc PR: 2340 
Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar>
Reviewed by: steve

Stop warnings if OPENSSL_NO_DGRAM is defined.
 2011-09-01 15:01:35 +00:00
Dr. Stephen Henson
ff7231043f make timing attack protection unconditional 2011-09-01 14:23:09 +00:00
Dr. Stephen Henson
5e92fd244c Stop warnings. 2011-09-01 14:15:47 +00:00
Dr. Stephen Henson
04485c5bc0 PR: 2589 
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Initialise p pointer.
 2011-09-01 13:52:48 +00:00
Dr. Stephen Henson
d77a970669 PR: 2588 
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Close file pointer.
 2011-09-01 13:49:16 +00:00
Andy Polyakov
cfdbff23ab bn_exp.c: improve portability. 2011-08-27 19:38:55 +00:00
Dr. Stephen Henson
2abaa9caaf Add support for DSA2 PQG generation of g parameter. 2011-08-27 12:30:47 +00:00
Dr. Stephen Henson
f55f5f775e Add support for canonical generation of DSA parameter g. 
Modify fips_dssvs to support appropriate file format.
 2011-08-26 14:51:49 +00:00
Dr. Stephen Henson
7daf0efad9 Fix warning. 2011-08-25 19:50:51 +00:00
Andy Polyakov
c608171d9c Add RC4-MD5 and AESNI-SHA1 "stitched" implementations. 2011-08-23 20:51:38 +00:00
Andy Polyakov
c2d4c2867b eng_rsax.c: improve portability. 2011-08-22 19:01:16 +00:00
Andy Polyakov
6c01cbb6a0 modexp512-x86_64.pl: make it work with ml64. 2011-08-19 06:30:32 +00:00
Andy Polyakov
bf3dfe7fee bn_div.c: remove duplicate code by merging BN_div and BN_div_no_branch. 2011-08-14 11:31:35 +00:00
Andy Polyakov
e7d1363d12 x86_64-mont5.pl: add missing Win64 support. 2011-08-14 09:06:06 +00:00
Andy Polyakov
f744bcfd73 eng_rdrand.c: make it link in './config 386' case. 2011-08-14 08:30:56 +00:00
Andy Polyakov
10bd69bf4f armv4-mont.pl: profiler-assisted optimization gives 8%-14% improvement 
(more for longer keys) on RSA/DSA.
 2011-08-13 12:38:41 +00:00
Andy Polyakov
ae8b47f07f SPARC assembler pack: fix FIPS linking errors. 2011-08-12 21:38:19 +00:00
Andy Polyakov
272ba87017 x86_64-xlate.pl: fix movzw. 2011-08-12 21:24:19 +00:00
Andy Polyakov
361512da0d This commit completes recent modular exponentiation optimizations on 
x86_64 platform. It targets specifically RSA1024 sign (using ideas
from http://eprint.iacr.org/2011/239) and adds more than 10% on most
platforms. Overall performance improvement relative to 1.0.0 is ~40%
in average, with best result of 54% on Westmere. Incidentally ~40%
is average improvement even for longer key lengths.
 2011-08-12 16:44:32 +00:00
Andy Polyakov
20735f4c81 alphacpuid.pl: fix alignment bug. 
alpha-mont.pl: fix typo.
PR: 2577
 2011-08-12 12:28:52 +00:00
Dr. Stephen Henson
ab1ec69843 aesni TLS GCM support 2011-08-11 23:06:19 +00:00
Dr. Stephen Henson
19ad345739 prevent compilation errors and warnings 2011-08-11 21:12:17 +00:00
Andy Polyakov
37f010e248 Add provisory support for RDRAND instruction. 2011-08-10 18:52:42 +00:00
Andy Polyakov
85ec54a417 x86_64-mont.pl: futher optimization resulting in up to 48% improvement 
(4096-bit RSA sign benchmark on Core2) in comparison to initial version
from 2005.
 2011-08-09 13:05:05 +00:00
Andy Polyakov
267b481c47 aes/asm/aesni-*.pl: fix CCM and further optimize it. 
modes/ccm128.c: minor branch optimization.
 2011-08-07 17:47:56 +00:00
Dr. Stephen Henson
8a8cc84f74 fix memory leak 2011-08-03 16:39:58 +00:00
Dr. Stephen Henson
28dd49faec Expand range of ctrls for AES GCM to support retrieval and setting of 
invocation field.

Add complete support for AES GCM ciphersuites including all those in
RFC5288 and RFC5289.
 2011-08-03 15:37:22 +00:00
Dr. Stephen Henson
3699ec6056 recognise ecdsaWithSHA1 OID 2011-07-28 14:40:01 +00:00
Andy Polyakov
2667162d33 cryptlib.c: OPENSSL_ia32cap environment variable to interpret ~ as cpuid mask. 2011-07-23 12:10:26 +00:00
Dr. Stephen Henson
1d5121552d Make sure OPENSSL_FIPSCANISTER is visible to ARM assembly language files. 2011-07-22 14:20:50 +00:00
Dr. Stephen Henson
4f275f248e stop warnings 2011-07-21 13:45:06 +00:00
Andy Polyakov
7b41f350d4 aes-ppc.pl: minor optimization favoring embedded processors (performance 
of "big" processors is unaffected).
 2011-07-20 22:16:27 +00:00
Andy Polyakov
be9a8cc2af Add RSAX builtin engine. It optimizes RSA1024 sign benchmark. 2011-07-20 21:49:46 +00:00
Dr. Stephen Henson
dafce90ae5 PR: 2559 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS socket error bug
 2011-07-20 15:22:11 +00:00
Andy Polyakov
9df286b13a sha512-sparcv9.pl: minor optimization of sha256. 2011-07-18 11:34:07 +00:00
Andy Polyakov
87873f4328 ARM assembler pack: add platform run-time detection. 2011-07-17 17:40:29 +00:00
Dr. Stephen Henson
9fe51d5f73 PR: 2556 (partial) 
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de>
Reviewed by: steve

Fix OID routines.

Check on encoding leading zero rejection should start at beginning of
encoding.

Allow for initial digit when testing when to use BIGNUMs which can increase
first value by 2 * 40.
 2011-07-14 12:01:53 +00:00
Andy Polyakov
4195a369fd perlasm/cbc.pl: fix tail processing bug. 
PR: 2557
 2011-07-13 06:20:30 +00:00
Andy Polyakov
a355cf9bf5 evp.h: add flag to distinguish AEAD ciphers and pair of control codes... 2011-07-11 13:54:53 +00:00
Andy Polyakov
6179f06077 x86_64-mont.pl: add squaring procedure and improve RSA sign performance 
by up to 38% (4096-bit benchmark on Core2).
 2011-07-05 09:21:03 +00:00
Andy Polyakov
6fa4c7c43b x86_64-xlate.pl: sha1 and md5 warnings made it to nasm 2.09, extend gnu 
assembler workaround to all assemblers.
 2011-07-04 13:10:50 +00:00
Andy Polyakov
169a274a41 sha1-x86_64.pl: nasm 2.07 screws up labels if AVX path is compiled. 2011-07-04 13:00:24 +00:00
Andy Polyakov
02a73e2bed s390x-gf2m.pl: commentary update (final performance numbers turned to be 
higher).
 2011-07-04 11:20:33 +00:00
Andy Polyakov
da5e9871e9 sha1-x86_64.pl: fix win64-specific typos and add masm support. 2011-07-01 21:23:13 +00:00
Andy Polyakov
94c64f9a1c x86_64-xlate.pl: masm-specific update. 2011-07-01 21:21:14 +00:00
Andy Polyakov
be6ddecb8b crypto/aes/Makefile: make it work on IRIX. 2011-06-28 12:55:39 +00:00
Andy Polyakov
450853cd04 crypto/whrlpool/wp_block.c: harmonize OPENSSL_ia32cap_P. 2011-06-28 12:42:10 +00:00
Andy Polyakov
5a0876cb8c crypto/sha/asm/sha[1|512]-mips.pl: minor updates. 2011-06-28 12:41:19 +00:00
Andy Polyakov
a908b711ac rc4-586.pl: add Atom performance results. 2011-06-28 12:36:10 +00:00
Andy Polyakov
2036c9a59a md5-x86_86.pl: remove redundant instructions. 2011-06-28 12:33:58 +00:00
Andy Polyakov
b247f7387f crypto/bn/Makefile: fix typo. 2011-06-28 08:52:36 +00:00
Andy Polyakov
0c237e42a4 s390x assembler pack: add s390x-gf2m.pl and harmonize AES_xts_[en|de]crypt. 2011-06-27 10:00:31 +00:00
Andy Polyakov
0772f3b4f6 rc4-x86_64.pl: commentary update. 2011-06-27 09:46:16 +00:00
Andy Polyakov
0a9a692e4e Minor x86_64 perlasm update. 2011-06-27 09:45:10 +00:00
Richard Levitte
021270af37 Add a symbol for the first parameter to OPENSSL_showfatal(). 2011-06-23 09:46:27 +00:00
Richard Levitte
ab688c234d Add symbols for the parameters on a couple more functions. 2011-06-23 09:43:54 +00:00
Dr. Stephen Henson
9a4be82388 PR: 2470 
Submitted by: Corinna Vinschen <vinschen@redhat.com>
Reviewed by: steve

Don't call ERR_remove_state from DllMain.
 2011-06-22 15:38:21 +00:00
Dr. Stephen Henson
8038e7e44c PR: 2540 
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve

Prevent infinite loop in BN_GF2m_mod_inv().
 2011-06-22 15:24:05 +00:00
Dr. Stephen Henson
b507284c7e correctly encode OIDs near 2^32 2011-06-22 15:15:58 +00:00
Dr. Stephen Henson
ce02589259 Now the FIPS capable OpenSSL is available simplify the various FIPS test 
build options.

All fispcanisterbuild builds only build fipscanister.o and include symbol
renaming.

Move all renamed symbols to fipssyms.h

Update README.FIPS
 2011-06-22 12:30:18 +00:00
Dr. Stephen Henson
a52b7b44b2 allow MD5 use for computing old format hash links 2011-06-22 02:18:19 +00:00
Dr. Stephen Henson
ff053fc847 Don't set FIPS rand method at same time as RAND method as this can cause the 
FIPS library to fail. Applications that want to set the FIPS rand method can do
so explicitly and presumably they know what they are doing...
 2011-06-21 17:10:21 +00:00
Dr. Stephen Henson
af17d99245 make EVP_dss() work for DSA signing 2011-06-20 20:05:51 +00:00
Dr. Stephen Henson
9ebc37e667 add null cipher to FIPS module 2011-06-20 19:48:44 +00:00
Dr. Stephen Henson
9945b460e2 Give parameters names in prototypes. 2011-06-17 16:47:41 +00:00
Dr. Stephen Henson
bd6386f59c make sure custom cipher flag doesn't use any mode bits 2011-06-13 23:06:43 +00:00
Dr. Stephen Henson
f41154b206 #undef bn_div_words as it is defined for FIPS builds. 2011-06-10 14:03:27 +00:00
Dr. Stephen Henson
3096d53b46 Update dependencies for m_dss.c too. 2011-06-10 14:00:02 +00:00
Dr. Stephen Henson
068291cd44 Remove x509.h from SHA1 clone digests, update dependencies. 2011-06-10 13:52:44 +00:00
Dr. Stephen Henson
4960411e1f Add flags for DH FIPS method. 
Update/fix prototypes in fips.h
 2011-06-08 15:53:08 +00:00
Dr. Stephen Henson
6b6abd627c Set flags in ECDH and ECDSA methods for FIPS. 2011-06-08 13:52:36 +00:00
Andy Polyakov
7eabad423c rc4_skey.c: remove dead/redundant code (it's never compiled) and 
misleading/obsolete comment.
 2011-06-06 20:02:26 +00:00
Dr. Stephen Henson
644ce07ecd Move function prototype to fips.h 2011-06-06 11:56:58 +00:00
Andy Polyakov
17f121de9d e_aes.c: move AES-NI run-time switch and implement the switch for remaining modes. 2011-06-06 11:40:03 +00:00
Andy Polyakov
4d01f2761d x86_64cpuid.pl: fix typo. 2011-06-04 13:08:25 +00:00
Andy Polyakov
301799b803 x86[_64]cpuid.pl: add function accessing rdrand instruction. 2011-06-04 12:20:45 +00:00
Dr. Stephen Henson
b8b90804b6 license correction, no EAY code included in this file 2011-06-03 17:56:17 +00:00
Dr. Stephen Henson
2280dc7c43 Remove FIPS RSA functions from crypto/rsa. 2011-06-02 17:52:39 +00:00
Dr. Stephen Henson
bce1af7762 Add DSA and ECDSA "clone digests" to module for compatibility with old 
applications.
 2011-06-01 14:07:32 +00:00
Andy Polyakov
62b6c5c404 e_aes.c: fix typo. 2011-05-30 10:13:42 +00:00
Andy Polyakov
e76cbcf686 e_aes.c: fix aes_cfb1_cipher. 2011-05-30 10:10:05 +00:00
Andy Polyakov
d1fff483d6 e_aes.c: integrate AESNI directly into EVP. 2011-05-30 09:16:01 +00:00
Andy Polyakov
8da721ee2b aesni-x86[_64].pl: relax alignment requirement. 2011-05-30 09:15:16 +00:00
Andy Polyakov
fe9a5107be Various mingw64 fixes. 2011-05-29 13:51:14 +00:00
Andy Polyakov
afa4b38671 sha1-586|x86_64.pl: minor portability fix. 2011-05-29 13:48:57 +00:00
Andy Polyakov
18f5603c53 x86cpuid.pl: last commit broke platforms with perl with 64-bit integer. 2011-05-29 12:50:02 +00:00
Andy Polyakov
0c149802a2 sha1-586|x86_64.pl: add SSSE3 and AVX code paths. 2011-05-29 12:39:48 +00:00
Andy Polyakov
cf3aeae419 aes-ppc.pl: handle unaligned data on page boundaries. 2011-05-28 09:41:36 +00:00
Andy Polyakov
f44cb15fab rc4-x86_64.pl: fix due credit. 2011-05-27 18:58:37 +00:00
Andy Polyakov
986289604e rc4-x86_64.pl: RC4_options fix-up. 2011-05-27 16:15:12 +00:00
Andy Polyakov
4bb90087d7 x86[_64]cpuid.pl: harmonize usage of reserved bits #20 and #30. 2011-05-27 15:32:43 +00:00
Andy Polyakov
6715034002 PPC assembler pack: adhere closer to ABI specs, add PowerOpen traceback data. 2011-05-27 13:32:34 +00:00
Andy Polyakov
0ca9a483af rc4-x86_64.pl: major optimization for contemporary Intel CPUs. 2011-05-27 09:51:09 +00:00
Andy Polyakov
0dff8ba248 rc4-586.pl: optimize even further... 2011-05-27 09:46:19 +00:00
Andy Polyakov
2bc3ad28b3 x86_64cpuid.pl: get AVX masking right. 2011-05-26 13:16:26 +00:00
Dr. Stephen Henson
a26e245ecd Fix the ECDSA timing attack mentioned in the paper at: 
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
 2011-05-25 14:52:21 +00:00
Dr. Stephen Henson
992bdde62d Fix the ECDSA timing attack mentioned in the paper at: 
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
 2011-05-25 14:41:56 +00:00
Dr. Stephen Henson
44ddb27fa6 PR: 2512 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix BIO_accept so it can be bound to IPv4 or IPv6 sockets consistently.
 2011-05-25 12:37:07 +00:00
Andy Polyakov
6a99984b57 rc4-586.pl: optimize unused code path. 2011-05-25 09:36:13 +00:00
Andy Polyakov
760d2551fb rc4-586.pl: 50% improvement on Core2 and 80% on Westmere. 2011-05-24 13:07:29 +00:00
Andy Polyakov
62f29eb1cf spacrv9cap.c: addenum to recent EC optimizations. 2011-05-23 08:14:32 +00:00
Andy Polyakov
f8501464cc aesni-x86[_64].pl: optimize for Sandy Bridge and add XTS mode. 2011-05-22 18:38:00 +00:00
Andy Polyakov
96abea332c x86_64-gf2m.pl: add Win64 SEH. 2011-05-22 18:29:11 +00:00
Andy Polyakov
2e75ed332f ppccap.c: addenum to recent EC optimizations. 2011-05-21 10:17:02 +00:00
Andy Polyakov
d8ea368c41 ec_cvt.c: ARM comparison results were wrong, clarify the background. 2011-05-21 08:40:18 +00:00
Andy Polyakov
fdf6dac859 ec_cvt.c: avoid EC_GFp_nist_method on platforms with bn_mul_mont [see 
commentary for details].
 2011-05-20 20:31:37 +00:00
Dr. Stephen Henson
086e32a6c7 Implement FIPS_mode and FIPS_mode_set 2011-05-19 18:09:02 +00:00
Dr. Stephen Henson
92b4d936cb inherit HMAC flags from MD_CTX 2011-05-19 17:38:25 +00:00
Andy Polyakov
fb2f3411ea aesni-x86_64.pl: make it compile on MacOS X. 2011-05-18 17:05:24 +00:00
Andy Polyakov
c30a2505e2 x86gas.pl: don't omit .comm OPENSSL_ia32cap_P on MacOS X. 2011-05-18 16:28:53 +00:00
Andy Polyakov
c7b903e01d x86_64-xlate.pl: add inter-register movq and make x86_64-gfm.s compile on 
Solaris, MacOS X, elderly gas...
 2011-05-18 16:26:03 +00:00
Andy Polyakov
ddc20d4da9 x86_64cpuid.pl: allow shared build to work without -Bsymbolic. 
PR: 2466
 2011-05-18 16:24:19 +00:00
Andy Polyakov
b906422149 x86[_64]cpuid.pl: handle new extensions. 2011-05-16 20:35:11 +00:00
Andy Polyakov
a3e07010b4 ppc-xlate.pl: get linux64 declaration right. 2011-05-16 19:52:41 +00:00
Andy Polyakov
2b9a8ca15b x86gas.pl: add palignr and move pclmulqdq. 2011-05-16 18:07:00 +00:00
Andy Polyakov
afebe623c5 x86_64 assembler pack: add x86_64-gf2m module. 2011-05-16 17:46:45 +00:00
Andy Polyakov
b5c6aab57e x86_64-xlate.pl: allow "base-less" effective address, add palignr, move 
pclmulqdq.
 2011-05-16 17:44:38 +00:00
Dr. Stephen Henson
b9b0a177f8 new flag to stop ENGINE methods being registered 2011-05-15 15:56:49 +00:00
Dr. Stephen Henson
f76b1baf86 Fix error discrepancy. 2011-05-12 14:28:09 +00:00
Andy Polyakov
b0188c4f07 bn_nist.c: fix shadowing warnings. 2011-05-11 20:19:00 +00:00
Dr. Stephen Henson
c2fd598994 Rename FIPS_mode_set and FIPS_mode. Theses symbols will be defined in 
the FIPS capable OpenSSL.
 2011-05-11 14:43:38 +00:00
Dr. Stephen Henson
0b59755f43 Call fipsas.pl directly for pa-risc targets. 2011-05-09 15:23:00 +00:00
Andy Polyakov
1fb97e1313 Optimized bn_nist.c. Performance improvement varies from one benchmark 
and platform to another. It was measured to deliver 20-30% better
performance on x86 platforms and 30-40% on x86_64, on nistp384 benchmark.
 2011-05-09 10:16:32 +00:00
Dr. Stephen Henson
fc683d7213 allow SHA384, SHA512 wit DSA 2011-05-08 12:38:35 +00:00
Andy Polyakov
56c5f703c1 IA-64 assembler pack: fix typos and make it work on HP-UX. 2011-05-07 20:36:05 +00:00
Andy Polyakov
58cc21fdea x86 assembler pack: add bn_GF2m_mul_2x2 implementations (see x86-gf2m.pl for 
details and performance data).
 2011-05-07 10:31:06 +00:00
Dr. Stephen Henson
ad4784953d Return error codes for selftest failure instead of hard assertion errors. 2011-05-06 17:38:39 +00:00
Andy Polyakov
925596f85b ARM assembler pack: engage newly introduced armv4-gf2m module. 2011-05-05 21:57:11 +00:00
Dr. Stephen Henson
8d3cdd5b58 Fix warning of signed/unsigned comparison. 2011-05-05 14:47:38 +00:00
Andy Polyakov
75359644d0 ARM assembler pack. Add bn_GF2m_mul_2x2 implementation (see source code 
for details and performance data).
 2011-05-05 07:21:17 +00:00
Andy Polyakov
c7d0d0ae09 xts128.c: minor optimizaton. 2011-05-04 20:57:43 +00:00
Andy Polyakov
034688ec4d bn_gf2m.c: optimized BN_GF2m_mod_inv delivers sometimes 2x of ECDSA sign. 
Exact improvement coefficients vary from one benchmark and platform to
another, e.g. it performs 70%-33% better on ARM, hereafter less for
longer keys, and 100%-90% better on x86_64.
 2011-05-04 15:22:53 +00:00
Dr. Stephen Henson
a95bbadb57 Include fipssyms.h for ARM builds to translate symbols. 
Translate arm symbol to fips_*.
 2011-05-04 14:16:03 +00:00
Dr. Stephen Henson
e9093c9832 PR: 2499 
Submitted by: "James 'J.C.' Jones" <james.jc.jones@gmail.com>

Typos.
 2011-05-02 23:29:57 +00:00
Dr. Stephen Henson
9f7b2c76b1 Include crypto.h in ppccap.c 2011-05-01 16:54:24 +00:00
Dr. Stephen Henson
9a85e53813 no need to include memory.h 2011-04-30 23:37:42 +00:00
Dr. Stephen Henson
7c50694f05 Fix warning. 2011-04-24 12:40:26 +00:00
Andy Polyakov
3f0d14055b gcm128.c: minor optimization. 2011-04-24 11:10:54 +00:00
Andy Polyakov
f855b9d719 ccm128.c: add CRYPTO_ccm128_[en|de]crypt_ccm64 and minor optimization. 2011-04-24 11:10:14 +00:00
Richard Levitte
ce67647605 fips_check_dsa_prng() should only be built when OPENSSL_FIPS is defined. 2011-04-24 10:07:17 +00:00
Richard Levitte
171edf7ff4 Error discrepancy corrected. 2011-04-24 08:59:15 +00:00
Dr. Stephen Henson
69a80f7d5e More fixes for DSA FIPS overrides. 2011-04-23 21:59:12 +00:00
Dr. Stephen Henson
dc03504d09 Make sure overrides work for RSA/DSA. 2011-04-23 21:15:05 +00:00
Dr. Stephen Henson
383bc117bb Oops, work out expanded buffer length before allocating it... 2011-04-23 20:24:55 +00:00
Dr. Stephen Henson
e0d1a2f80a Always return multiple of block length bytes from default DRBG seed 
callback.

Handle case where no multiple of the block size is in the interval
[min_len, max_len].
 2011-04-23 20:05:19 +00:00
Dr. Stephen Henson
cac4fb58e0 Add PRNG security strength checking. 2011-04-23 19:55:55 +00:00
Andy Polyakov
9e5fe439b4 xts128.c: fix bug introduced in commit#20704. Bug affected encryption of 
vectors whose lenght was not multiples of 16 bytes.
 2011-04-23 09:15:03 +00:00
Dr. Stephen Henson
74fac927b0 Return errors instead of aborting when selftest fails. 2011-04-22 11:12:56 +00:00
Dr. Stephen Henson
84ed90f88b Fix WIN32 warning. 2011-04-21 14:54:33 +00:00
Dr. Stephen Henson
b8b6a13a56 Add continuous RNG test to entropy source. Entropy callbacks now need 
to specify a "block length".
 2011-04-21 14:17:15 +00:00
Dr. Stephen Henson
14264b19de Add periodic DRBG health checks as required by SP800-90. 2011-04-20 17:06:38 +00:00
Andy Polyakov
daaf5088fd xts128.c: minor optimization and clarified prototype. 2011-04-20 08:13:58 +00:00
Andy Polyakov
e382e4e603 perlasm/x86gas.pl: make OPENSSL_instrument_bus[2] compile. 2011-04-19 19:09:18 +00:00
Dr. Stephen Henson
cb1b3aa151 Add AES CCM selftest. 2011-04-19 18:57:58 +00:00
Dr. Stephen Henson
8c7096835b Use 0 for tbslen to perform strlen. 2011-04-19 11:10:54 +00:00
Dr. Stephen Henson
b5dd178740 Fix EVP CCM decrypt. Add decrypt support to algorithm test program. 2011-04-18 22:48:40 +00:00
Dr. Stephen Henson
98279c1629 Typo. 2011-04-18 21:01:24 +00:00
Andy Polyakov
a0cc46f8e4 ccm128.c: fix Win32 compiler warning. 2011-04-18 20:19:23 +00:00
Andy Polyakov
70d01a7f82 perlasm/x86[nm]asm.pl: make OPENSSL_instrument_bus[2] compile. 2011-04-18 20:18:03 +00:00
Andy Polyakov
5f1b10ed2e ccm128.c: fix STRICT_ALIGNMENT another bug in CRYPTO_ccm128_decrypt. 2011-04-18 19:17:28 +00:00
Dr. Stephen Henson
62dc7ed67c Override flag for XTS length limit. 2011-04-18 17:31:28 +00:00
Dr. Stephen Henson
2391681082 Initial untested CCM support via EVP. 2011-04-18 14:25:11 +00:00
Dr. Stephen Henson
6386b1b34d Compile ccm128.c, move some structures to modes_lcl.h add prototypes. 2011-04-18 13:15:37 +00:00
Dr. Stephen Henson
3b4a855778 Don't need separate tag buffer for GCM mode: use EVP_CIPHER_CTX buf 
field which is not unused for custom ciphers.
 2011-04-18 11:28:41 +00:00
Andy Polyakov
5fabb88a78 Multiple assembler packs: add experimental memory bus instrumentation. 2011-04-17 12:46:00 +00:00
Andy Polyakov
7e5b4d6779 ccm128.c: minor optimization and bugfix in CRYPTO_ccm128_[en|de]crypt. 2011-04-16 22:57:58 +00:00
Dr. Stephen Henson
45321c41e2 Add length limitation from SP800-38E. 2011-04-15 12:01:53 +00:00
Dr. Stephen Henson
bf8131f79f Add XTS selftest, include in fips_test_suite. 2011-04-15 11:30:19 +00:00
Dr. Stephen Henson
06b7e5a0e4 Add algorithm driver for XTS mode. Fix several bugs in EVP XTS implementation. 2011-04-15 02:49:30 +00:00
Dr. Stephen Henson
a6311f856b Remove several of the old obsolete FIPS_corrupt_*() functions. 2011-04-14 11:30:51 +00:00
Dr. Stephen Henson
ac892b7aa6 Initial incomplete POST overhaul: add support for POST callback to 
allow status of POST to be monitored and/or failures induced.
 2011-04-14 11:15:10 +00:00
Dr. Stephen Henson
77394d7e8f Remove duplicate flag. 2011-04-13 00:11:53 +00:00
Dr. Stephen Henson
32a2d8ddfe Provisional AES XTS support. 2011-04-12 23:21:33 +00:00
Dr. Stephen Henson
49cb5e0b40 Fix memory leaks: uninstantiate DRBG during health checks. Cleanup md_ctx 
when performing ECDSA selftest.
 2011-04-12 14:28:06 +00:00
Dr. Stephen Henson
364ce53cef No need to disable leak checking for FIPS builds now we use internal 
memory callbacks.
 2011-04-12 13:01:40 +00:00
Dr. Stephen Henson
48da9b8f2a Fix warning. 2011-04-11 14:52:59 +00:00
Dr. Stephen Henson
1f91af5e56 remove ENGINE dependency from ecdh 2011-04-10 01:14:25 +00:00
Dr. Stephen Henson
55e328f580 Add error for health check failure. 
Rebuild all FIPS error codes to clean out old obsolete codes.
 2011-04-09 17:46:31 +00:00
Dr. Stephen Henson
31360957fb DH keys have an (until now) unused 'q' parameter. When creating 
from DSA copy q across and if q present generate DH key in the
correct range.
 2011-04-07 15:01:48 +00:00
Dr. Stephen Henson
d80399a357 Only use fake rand once per operation. This stops the EC 
pairwise consistency test interfering with the test.
 2011-04-06 23:42:55 +00:00
Dr. Stephen Henson
6653c6f2e8 Update OpenSSL DRBG support code. Use date time vector as additional data. 
Set FIPS RAND_METHOD at same time as OpenSSL RAND_METHOD.
 2011-04-06 23:40:22 +00:00
Dr. Stephen Henson
4c8855b975 Add missing error code strings. 2011-04-06 18:17:05 +00:00
Dr. Stephen Henson
acd410dc15 check buffer is larger enough before overwriting 2011-04-06 18:06:41 +00:00
Dr. Stephen Henson
05e24c87dd Extensive reorganisation of PRNG handling in FIPS module: all calls 
now use an internal RAND_METHOD. All dependencies to OpenSSL standard
PRNG are now removed: it is the applications resposibility to setup
the FIPS PRNG and initalise it.

Initial OpenSSL RAND_init_fips() function that will setup the DRBG
for the "FIPS capable OpenSSL".
 2011-04-05 15:24:10 +00:00
Dr. Stephen Henson
ab1415d2f5 Updated error codes for FIPS library. 2011-04-04 17:05:09 +00:00
Andy Polyakov
7af0400297 gcm128.c: fix shadow warnings. 2011-04-04 15:24:09 +00:00
Dr. Stephen Henson
1d59fe5267 Disable test fprintf. 2011-04-04 14:52:20 +00:00
Dr. Stephen Henson
ded1999702 Change RNG test to block oriented instead of request oriented, add option 
to test a "stuck" DRBG.
 2011-04-04 14:47:31 +00:00
Dr. Stephen Henson
a255e5bc98 check RAND_pseudo_bytes return value 2011-04-04 14:43:20 +00:00
Andy Polyakov
e512375186 ARM assembler pack: add missing arm_arch.h. 2011-04-01 21:09:09 +00:00
Andy Polyakov
1e86318091 ARM assembler pack: profiler-assisted optimizations and NEON support. 2011-04-01 20:58:34 +00:00
Andy Polyakov
d8d958323b gcm128.c: tidy up, minor optimization, rearrange gcm128_context. 2011-04-01 20:52:35 +00:00
Dr. Stephen Henson
30b26b551f restore .cvsignore 2011-04-01 18:49:24 +00:00
Dr. Stephen Henson
02eb92abad temporarily update .cvsignore 2011-04-01 18:38:51 +00:00
Dr. Stephen Henson
8cf88778ea Allow FIPS malloc callback setting. Automatically set some callbacks 
in OPENSSL_init().
 2011-04-01 16:23:16 +00:00
Dr. Stephen Henson
c4acfb1fd0 Add additional OPENSSL_init() handling add dummy call to (hopefully) 
ensure OPENSSL_init() is always linked into an application.
 2011-04-01 15:46:03 +00:00
Dr. Stephen Henson
3f7468318d Provisional support for auto called OPENSSL_init() function. This can be 
used to set up any appropriate functions such as FIPS callbacks without
requiring an explicit application call.
 2011-04-01 14:49:30 +00:00
Dr. Stephen Henson
e06de4dd35 Remove redundant definitions. Give error code if DRBG sefltest fails. 2011-03-31 17:23:12 +00:00
Richard Levitte
3a660e7364 Corrections to the VMS build system. 
Submitted by Steven M. Schweda <sms@antinode.info>
 2011-03-25 16:20:35 +00:00
Dr. Stephen Henson
97057a1a7d Make some Unix builds work again. 2011-03-25 12:09:29 +00:00
Richard Levitte
4ec3e8ca51 For VMS, implement the possibility to choose 64-bit pointers with 
different options:
"64"		The build system will choose /POINTER_SIZE=64=ARGV if
		the compiler supports it, otherwise /POINTER_SIZE=64.
"64="		The build system will force /POINTER_SIZE=64.
"64=ARGV"	The build system will force /POINTER_SIZE=64=ARGV.
 2011-03-25 09:40:48 +00:00
Richard Levitte
5d0137aa14 make update 2011-03-25 09:30:52 +00:00
Richard Levitte
30fafdebf3 * Configure, crypto/ec/ec.h, crypto/ec/ecp_nistp224.c, util/mkdef.pl: 
Have EC_NISTP224_64_GCC_128 treated like any algorithm, and have
  disabled by default.  If we don't do it this way, it screws up
  libeay.num.
* util/libeay.num: make update
 2011-03-25 09:29:46 +00:00
Richard Levitte
c6dbe90895 make update 2011-03-24 22:59:02 +00:00
Richard Levitte
399aa6b5ff Implement FIPS CMAC. 
* fips/cmac/*: Implement the basis for FIPS CMAC, using FIPS HMAC as
  an example.
* crypto/cmac/cmac.c: Enable the FIPS API.  Change to use M_EVP macros
  where possible.
* crypto/evp/evp.h: (some of the macros get added with this change)
* fips/fips.h, fips/utl/fips_enc.c: Add a few needed functions and use
  macros to have cmac.c use these functions.
* Makefile.org, fips/Makefile, fips/fips.c: Hook it in.
 2011-03-24 22:55:02 +00:00
Richard Levitte
487b023f3d make update (1.1.0-dev) 
This meant alarger renumbering in util/libeay.num due to symbols
appearing in 1.0.0-stable and 1.0.1-stable.  However, since there's
been no release on this branch yet, it should be harmless.
 2011-03-23 00:11:32 +00:00
Richard Levitte
1f9c2b3f71 * crypto/crypto-lib.com: Add a few more missing modules. 2011-03-23 00:10:16 +00:00
Dr. Stephen Henson
4fc02f1229 Use a signed value to check return value of do_cipher(). 2011-03-21 17:37:27 +00:00
Richard Levitte
3d62b1f22d A few more long symbols need shortening. 2011-03-20 10:23:51 +00:00
Richard Levitte
9e67d24743 Add missing source. Also, have the compile also use [.MODES] as 
include directory, as other parts (notably, EVP) seem to need it.
 2011-03-20 10:23:27 +00:00
Richard Levitte
537c982306 After some adjustments, apply the changes OpenSSL 1.0.0d on OpenVMS 
submitted by Steven M. Schweda <sms@antinode.info>
 2011-03-19 10:58:14 +00:00
Dr. Stephen Henson
1e803100de Implement continuous RNG test for SP800-90 DRBGs. 2011-03-17 18:53:33 +00:00
Dr. Stephen Henson
96ec46f7c0 Implement health checks needed by SP800-90. 
Fix warnings.

Instantiate DRBGs at maximum strength.
 2011-03-17 16:55:24 +00:00