Commit graph

333 commits

Author SHA1 Message Date
Dr. Stephen Henson
81ce0e14e7 Add ordinal for CRYPTO_memcmp: since this will affect multiple
branches it needs to be in a "gap".
2013-01-31 15:31:57 +00:00
Dr. Stephen Henson
e133ff7190 PR: 2840
Reported by: David McCullough <david_mccullough@mcafee.com>

Restore fips configuration module from 0.9.8.
2012-07-03 20:16:30 +00:00
Dr. Stephen Henson
7dd6407a4c update ordinals 2011-12-25 14:48:44 +00:00
Dr. Stephen Henson
2a6e3ef37e update ordinals 2011-11-22 14:45:27 +00:00
Bodo Möller
67f8de9ab8 "make update" 2011-10-19 15:24:44 +00:00
Dr. Stephen Henson
6b00cd746a Update ordinals. 2011-10-09 23:14:20 +00:00
Dr. Stephen Henson
38e408076e Update ordinals. 2011-10-09 15:28:52 +00:00
Dr. Stephen Henson
064a6176ac Update ordinals. 2011-08-26 10:45:17 +00:00
Dr. Stephen Henson
7ca035db88 Update ordinals. 2011-07-08 12:12:30 +00:00
Dr. Stephen Henson
907cd7217e update ordinals 2011-06-10 17:17:55 +00:00
Dr. Stephen Henson
b8d78a5520 add cmac to Windows build, update ordinals 2011-06-10 14:12:55 +00:00
Dr. Stephen Henson
e24b01cc6f Have EC_NISTP224_64_GCC_128 treated like any algorithm, and have disabled by
default. If we don't do it this way, it screws up libeay.num.
(update from HEAD, original from levitte).
2011-05-12 13:10:27 +00:00
Richard Levitte
9f427a52cb make update (1.0.1-stable)
This meant a slight renumbering in util/libeay.num due to symbols
appearing in 1.0.0-stable.  However, since there's been no release on
this branch yet, it should be harmless.
2011-03-23 00:06:04 +00:00
Richard Levitte
01d2e27a2b Apply all the changes submitted by Steven M. Schweda <sms@antinode.info> 2011-03-19 09:47:47 +00:00
Ben Laurie
a149b2466e Add SRP. 2011-03-16 11:26:40 +00:00
Dr. Stephen Henson
528ff4b451 Add modes.h to mkdef.pl, update ordinals. 2010-07-25 17:48:35 +00:00
Dr. Stephen Henson
8c00014d7e make update 2010-04-13 17:08:50 +00:00
Dr. Stephen Henson
5b0a79a27a PR: 2220
Fixes to make OpenSSL compile with no-rc4
2010-04-06 11:18:32 +00:00
Dr. Stephen Henson
9caf25d144 PR: 1904
Submitted by: David Woodhouse <dwmw2@infradead.org>

Pass passphrase minimum length down to UI.
2010-03-27 19:27:51 +00:00
Dr. Stephen Henson
724cca4178 make update 2010-03-09 17:23:51 +00:00
Dr. Stephen Henson
961f1dea06 make update 2010-02-07 13:47:08 +00:00
Dr. Stephen Henson
704d33b347 Add flags functions which were added to 0.9.8 for fips but not 1.0.0 and
later.
2010-01-26 14:33:52 +00:00
Dr. Stephen Henson
b2a7515ee8 OPENSSL_isservice is now defined on all platforms not just WIN32 2010-01-26 13:58:49 +00:00
Dr. Stephen Henson
c7d5edbf5e export OPENSSL_isservice and make update 2010-01-26 13:55:33 +00:00
Dr. Stephen Henson
58f4b3511e update ordinals 2010-01-12 17:33:59 +00:00
Dr. Stephen Henson
23c3bee970 make update 2010-01-12 01:59:11 +00:00
Dr. Stephen Henson
41746da8c2 Update ordinals. 2009-11-04 13:29:58 +00:00
Dr. Stephen Henson
c90a1ae0c9 make update 2009-10-18 14:44:51 +00:00
Dr. Stephen Henson
b381e9b952 Update ordinals. 2009-10-15 18:04:43 +00:00
Dr. Stephen Henson
c0688f1aef Make update, deleting bogus DTLS error code 2009-09-06 15:55:54 +00:00
Dr. Stephen Henson
6178da0142 Update from HEAD. 2009-06-17 12:05:51 +00:00
Dr. Stephen Henson
2d0b6c72b8 Update ordinals and sync with 0.9.8 2009-05-28 20:49:29 +00:00
Dr. Stephen Henson
30baeaaeab CryptoAPI engine only exists on WIN32. 2009-04-22 17:36:45 +00:00
Dr. Stephen Henson
0416482605 Make update. 2009-04-13 11:40:00 +00:00
Dr. Stephen Henson
463f448595 Win32 build fixes. 2009-03-31 22:04:25 +00:00
Andy Polyakov
0f76640fba Windows-specific addenum to "engage crypto/modes" commit #17716. 2008-12-23 15:15:44 +00:00
Dr. Stephen Henson
fd252de312 Update libeay.num 2008-11-24 17:46:29 +00:00
Dr. Stephen Henson
ed551cddf7 Update from stable branch. 2008-11-12 17:28:18 +00:00
Dr. Stephen Henson
869eb9e767 Update ordinals. 2008-06-22 01:09:14 +00:00
Dr. Stephen Henson
ce04f91951 Sync ordinals. 2008-06-06 15:57:16 +00:00
Dr. Stephen Henson
9ab89286a2 Sync ordinals with stable branch. 2008-06-05 11:10:49 +00:00
Dr. Stephen Henson
09a6e19431 Update ordinals. 2008-06-04 11:52:36 +00:00
Dr. Stephen Henson
65fd877515 Update ordinals. 2008-05-20 12:23:38 +00:00
Dr. Stephen Henson
6819050722 Delete nonexistant function from pkcs7.h header file. WIN32 build fix from
stable branch. Sync and update ordinals.
2008-04-04 00:06:43 +00:00
Dr. Stephen Henson
13baedc55b Update ordinals 2007-12-16 13:16:58 +00:00
Dr. Stephen Henson
0e1dba934f 1. Changes for s_client.c to make it return non-zero exit code in case
of handshake failure

2. Changes to x509_certificate_type function (crypto/x509/x509type.c) to
make it recognize GOST certificates as EVP_PKT_SIGN|EVP_PKT_EXCH
(required for s3_srvr to accept GOST client certificates).

3. Changes to EVP
	- adding of function EVP_PKEY_CTX_get0_peerkey
	- Make function EVP_PKEY_derive_set_peerkey work for context with
	  ENCRYPT operation, because we use peerkey field in the context to
	  pass non-ephemeral secret key to GOST encrypt operation.
	- added EVP_PKEY_CTRL_SET_IV control command. It is really
	  GOST-specific, but it is used in SSL code, so it has to go
	  in some header file, available during libssl compilation

4. Fix to HMAC to avoid call of OPENSSL_cleanse on undefined data

5. Include des.h if KSSL_DEBUG is defined into some libssl files, to
  make debugging output which depends on constants defined there, work
  and other KSSL_DEBUG output fixes

6. Declaration of real GOST ciphersuites, two authentication methods
   SSL_aGOST94 and SSL_aGOST2001 and one key exchange method SSL_kGOST

7. Implementation  of these methods.

8. Support for sending unsolicited serverhello extension if GOST
  ciphersuite is selected. It is require for interoperability with
  CryptoPro CSP 3.0 and 3.6 and controlled by
  SSL_OP_CRYPTOPRO_TLSEXT_BUG constant.
  This constant is added to SSL_OP_ALL, because it does nothing, if
  non-GOST ciphersuite is selected, and all implementation of GOST
  include compatibility with CryptoPro.

9. Support for CertificateVerify message without length field. It is
   another CryptoPro bug, but support is made unconditional, because it
   does no harm for draft-conforming implementation.

10. In tls1_mac extra copy of stream mac context is no more done.
  When I've written currently commited code I haven't read
  EVP_DigestSignFinal manual carefully enough and haven't noticed that
  it does an internal digest ctx copying.

This implementation was tested against
1. CryptoPro CSP 3.6 client and server
2. Cryptopro CSP 3.0 server
2007-10-26 12:06:36 +00:00
Dr. Stephen Henson
a6db6a0070 Update CHANGES. Keep ordinals consistent. 2007-10-12 00:15:09 +00:00
Dr. Stephen Henson
6d6496ed52 Make ordinals consistent with OpenSSL 0.9.8 2007-06-18 12:35:56 +00:00
Andy Polyakov
55525742f4 Privatize BN_*_no_branch. 2007-06-11 16:33:03 +00:00
Dr. Stephen Henson
281cfff026 Update ordinals. 2007-05-24 10:17:49 +00:00