Commit graph

7327 commits

Author SHA1 Message Date
Ben Laurie
fb4de3deed Update ignores. 2004-06-19 13:18:01 +00:00
Ben Laurie
4d4716dc03 Add Diffie-Hellman to FIPS. 2004-06-19 13:16:51 +00:00
Ben Laurie
b5e4469150 The version that was actually submitted for FIPS testing. 2004-06-19 13:15:35 +00:00
Richard Levitte
3e00d6c4bb Typo, setting the first element of nids[] to NULL instead of setting
*cnids.
2004-06-15 11:46:06 +00:00
Lutz Jänicke
5e86220660 More precise explanation of session id context requirements. 2004-06-14 13:26:47 +00:00
Richard Levitte
4313847660 Make sure o_str.h is reachable. 2004-05-27 10:19:04 +00:00
Richard Levitte
3844adbf58 Run an installation of FIPS stuff as well. 2004-05-27 10:07:04 +00:00
Richard Levitte
d8e2073449 Compile the FIPS directory on VMS as well. fips-lib.com is
essentially a copy of crypto-lib.com, with just a few edits.
2004-05-27 10:04:40 +00:00
Richard Levitte
e9f7ebd674 Copy the FIPS files to the temporary openssl include directory. 2004-05-27 09:33:10 +00:00
Richard Levitte
5affe206e1 Define FIPS_*_SIZE_T for AES, DSA and RSA as well, in preparation for
size_t-ification of those algorithms in future version of OpenSSL...
2004-05-19 14:16:33 +00:00
Andy Polyakov
1f4eccaaa5 Make reservations in FIPS code for upcoming size_t-fication of OpenSSL API.
And couple of bug-fixes in fips/rand code [return without lock release and
incorrect return value in fips_rand_bytes].
2004-05-17 15:37:26 +00:00
Richard Levitte
07bf82a71d Typo corretced. 2004-05-17 04:47:26 +00:00
Richard Levitte
43d6233a22 Rewrite the usage to avoid confusion. 2004-05-17 04:40:49 +00:00
Richard Levitte
736ce650c6 Make it possible for the user to choose the digest used to create the
key.
2004-05-17 04:39:00 +00:00
Richard Levitte
a8bb3d0e15 When in FIPS mode, use SHA1 to digest the key, rather than MD5, as MD5
isn't a FIPS-approved algorithm.

Note: this means the user needs to keep track of this, and we need to
add support for that...
2004-05-17 04:31:14 +00:00
Richard Levitte
f27a152f69 Make sure the applications know when we are running in FIPS mode. We
can't use the variable in libcrypto, since it's supposedly unknown.

Note: currently only supported in MONOLITH mode.
2004-05-17 04:30:06 +00:00
Richard Levitte
63d494b22c Generate SHA1 files on Windows and other platforms supported by
mk1mf.pl, when building in FIPS mode.

Note: UNTESTED!
2004-05-17 04:28:31 +00:00
Ben Laurie
9ac9a29407 Fix self-tests, ban some things in FIPS mode, fix copyrights. 2004-05-15 17:51:26 +00:00
Dr. Stephen Henson
bdb4a7e092 Fixes so alerts are sent properly in s3_pkt.c
PR: 851
2004-05-15 17:46:50 +00:00
Ben Laurie
0163602573 Check error returns. 2004-05-15 16:39:23 +00:00
Richard Levitte
bac2e26a9e Reimplement old functions, so older software that link to libcrypto
don't crash and burn.
2004-05-14 17:55:59 +00:00
Richard Levitte
10eae14f9b All EVP_*_cfb functions have changed names to EVP_*_cfb64 or
EVP_*_cfb128.
2004-05-14 17:54:18 +00:00
Richard Levitte
745c7356c2 make update 2004-05-13 22:41:01 +00:00
Richard Levitte
e31c121315 o_str.h is not an exported header. 2004-05-13 22:40:40 +00:00
Richard Levitte
dbf2ac31c9 Synchronise o_str.c between 0.9.8-dev and 0.9.7-stable. 2004-05-13 22:40:08 +00:00
Richard Levitte
4108d365bf make update 2004-05-13 21:38:37 +00:00
Richard Levitte
03ef2c333c Let's make life easier and have the VMS version of the configuration be
generated from the Unixly configuration file.
2004-05-13 21:38:23 +00:00
Dr. Stephen Henson
7922ba2feb Make self signing option of 'x509' use random serial numbers too. 2004-05-12 18:20:57 +00:00
Dr. Stephen Henson
d94b22235f Fix memory leak. 2004-05-12 17:53:22 +00:00
Ben Laurie
72d75ee206 Blow up in people's faces if they don't reseed. 2004-05-12 14:11:10 +00:00
Richard Levitte
49bc4c1023 make update 2004-05-12 10:17:15 +00:00
Richard Levitte
0e92f7738a Forgot to update the Makefile with the o_str stuff... 2004-05-12 10:17:02 +00:00
Richard Levitte
d529f2a8f7 The functions OPENSSL_strcasen?cmp() were forgotten when merging the
FIPS branch into this.  It's needed at least for certain OpenVMS
versions, and should really be used in a more general way.
2004-05-12 10:09:00 +00:00
Richard Levitte
141a64faff Ignore 'Makefile.save' 2004-05-12 10:07:20 +00:00
Richard Levitte
035dcd3724 Ignore the 'lib' timestamp file. 2004-05-12 08:46:43 +00:00
Richard Levitte
3e9c37a386 I forgot to modify the signature for fips_rand.c... 2004-05-12 08:42:55 +00:00
Richard Levitte
00a59641ee Only really build this file when OPENSSL_FIPS is defined. And oh,
let's keep internal variables static.
2004-05-12 08:28:51 +00:00
Richard Levitte
90cce79346 Makefile.ssl changed name to Makefile. 2004-05-12 08:28:00 +00:00
Richard Levitte
4eeaf52ed9 Only check for FIPS signatures when FIPS is enabled. 2004-05-12 08:27:38 +00:00
Ben Laurie
3642f632d3 Pull FIPS back into stable. 2004-05-11 12:46:24 +00:00
Richard Levitte
aaa16d0001 Remove the creation of $(INSTALL_PREFIX)$(OPENSSLDIR)/lib, since we don't
use it.

Notified by Frédéric L. W. Meunier <0@pervalidus.tk> in PR 713
2004-05-06 09:46:48 +00:00
Richard Levitte
3b8ba6b610 When the pointer 'from' changes, it's stored length needs to change as
well.

Notified by Frank Kardel <kardel@acm.org> in PR 879.
2004-05-06 09:31:31 +00:00
Bodo Möller
535aef9def update from current 0.9.6-stable CHANGES file 2004-05-04 01:08:33 +00:00
Dr. Stephen Henson
6e308baf5a Fix memory leak.
PR:870
2004-04-22 12:33:03 +00:00
Dr. Stephen Henson
5a9d2d9081 Port the random serial number generation to 0.9.7-stable.
Due to the changes in CA.pl in 0.9.8 (use of -self_sign) a slightly different
technique is used to ensure that 'ca' uses the next serial number. It
now initializes the serial number using 'openssl x509 -next_serial'.
2004-04-22 12:19:48 +00:00
Geoff Thorpe
688791b22b Extend the index parameter checking from sk_value to sk_set(). Also tidy up
some similar code elsewhere.

Thanks to Francesco Petruzzi for bringing this to my attention.
2004-04-21 15:09:25 +00:00
Dr. Stephen Henson
8e94e99ccb Clear error if unique_subject lookup fails. 2004-04-15 00:33:24 +00:00
Dr. Stephen Henson
e20db94948 Add some root CAs. 2004-04-13 17:49:05 +00:00
cvs2svn
462a286eeb This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_7-stable'.
2004-04-13 17:47:38 +00:00
Dr. Stephen Henson
28722cf212 Add some root CAs. 2004-04-13 17:47:37 +00:00